Search criteria
2 vulnerabilities found for HelpuFTServer.dll by Helpu,inc
CVE-2020-7862 (GCVE-0-2020-7862)
Vulnerability from nvd – Published: 2021-06-24 10:15 – Updated: 2024-09-16 23:06
VLAI
Title
HelpU Overflow Vulnerability
Summary
A vulnerability in agent program of HelpU remote control solution could allow an authenticated remote attacker to execute arbitrary commands This vulnerability is due to insufficient input santization when communicating customer process.
Severity
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://krcert.or.kr/krcert/secNoticeView.do?bull… | x_refsource_MISC |
| https://helpu.co.kr/customer/download.html | x_refsource_MISC |
Impacted products
4 products
| Vendor | Product | Version | |
|---|---|---|---|
| Helpu,inc | HelpuViewer.exe |
Affected:
2018.5.21.0 , ≤ 2020.11.20.0
(custom)
|
|
| Helpu,inc | HelpuServer.exe |
Affected:
1.0.0.2 , ≤ 2020.11.20.0
(custom)
|
|
| Helpu,inc | HelpuFTClient.dll |
Affected:
3.0.0.0 2020.11.20.0
|
|
| Helpu,inc | HelpuFTServer.dll |
Affected:
3.0.0.0 2020.11.20.0
|
Date Public
2021-06-23 00:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:41:01.877Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=36094"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpu.co.kr/customer/download.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"x86, x64"
],
"product": "HelpuViewer.exe",
"vendor": "Helpu,inc",
"versions": [
{
"lessThanOrEqual": "2020.11.20.0",
"status": "affected",
"version": "2018.5.21.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x86, x64"
],
"product": "HelpuServer.exe",
"vendor": "Helpu,inc",
"versions": [
{
"lessThanOrEqual": "2020.11.20.0",
"status": "affected",
"version": "1.0.0.2",
"versionType": "custom"
}
]
},
{
"platforms": [
"x86, x64"
],
"product": "HelpuFTClient.dll",
"vendor": "Helpu,inc",
"versions": [
{
"status": "affected",
"version": "3.0.0.0 2020.11.20.0"
}
]
},
{
"platforms": [
"x86, x64"
],
"product": "HelpuFTServer.dll",
"vendor": "Helpu,inc",
"versions": [
{
"status": "affected",
"version": "3.0.0.0 2020.11.20.0"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Thanks to Jeongun Back for reporting this vulnerability."
}
],
"datePublic": "2021-06-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in agent program of HelpU remote control solution could allow an authenticated remote attacker to execute arbitrary commands This vulnerability is due to insufficient input santization when communicating customer process."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120 Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-24T10:15:14.000Z",
"orgId": "cdd7a122-0fae-4202-8d86-14efbacc2863",
"shortName": "krcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=36094"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpu.co.kr/customer/download.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "HelpU Overflow Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vuln@krcert.or.kr",
"DATE_PUBLIC": "2021-06-23T05:51:00.000Z",
"ID": "CVE-2020-7862",
"STATE": "PUBLIC",
"TITLE": "HelpU Overflow Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HelpuViewer.exe",
"version": {
"version_data": [
{
"platform": "x86, x64",
"version_affected": "\u003c=",
"version_name": "2018.5.21.0",
"version_value": "2020.11.20.0"
}
]
}
},
{
"product_name": "HelpuServer.exe",
"version": {
"version_data": [
{
"platform": "x86, x64",
"version_affected": "\u003c=",
"version_name": "1.0.0.2",
"version_value": "2020.11.20.0"
}
]
}
},
{
"product_name": "HelpuFTClient.dll",
"version": {
"version_data": [
{
"platform": "x86, x64",
"version_name": "3.0.0.0",
"version_value": "2020.11.20.0"
}
]
}
},
{
"product_name": "HelpuFTServer.dll",
"version": {
"version_data": [
{
"platform": "x86, x64",
"version_name": "3.0.0.0",
"version_value": "2020.11.20.0"
}
]
}
}
]
},
"vendor_name": "Helpu,inc"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Thanks to Jeongun Back for reporting this vulnerability."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in agent program of HelpU remote control solution could allow an authenticated remote attacker to execute arbitrary commands This vulnerability is due to insufficient input santization when communicating customer process."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20 Improper Input Validation"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-120 Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=36094",
"refsource": "MISC",
"url": "https://krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=36094"
},
{
"name": "https://helpu.co.kr/customer/download.html",
"refsource": "MISC",
"url": "https://helpu.co.kr/customer/download.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cdd7a122-0fae-4202-8d86-14efbacc2863",
"assignerShortName": "krcert",
"cveId": "CVE-2020-7862",
"datePublished": "2021-06-24T10:15:14.096Z",
"dateReserved": "2020-01-22T00:00:00.000Z",
"dateUpdated": "2024-09-16T23:06:17.535Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-7862 (GCVE-0-2020-7862)
Vulnerability from cvelistv5 – Published: 2021-06-24 10:15 – Updated: 2024-09-16 23:06
VLAI
Title
HelpU Overflow Vulnerability
Summary
A vulnerability in agent program of HelpU remote control solution could allow an authenticated remote attacker to execute arbitrary commands This vulnerability is due to insufficient input santization when communicating customer process.
Severity
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://krcert.or.kr/krcert/secNoticeView.do?bull… | x_refsource_MISC |
| https://helpu.co.kr/customer/download.html | x_refsource_MISC |
Impacted products
4 products
| Vendor | Product | Version | |
|---|---|---|---|
| Helpu,inc | HelpuViewer.exe |
Affected:
2018.5.21.0 , ≤ 2020.11.20.0
(custom)
|
|
| Helpu,inc | HelpuServer.exe |
Affected:
1.0.0.2 , ≤ 2020.11.20.0
(custom)
|
|
| Helpu,inc | HelpuFTClient.dll |
Affected:
3.0.0.0 2020.11.20.0
|
|
| Helpu,inc | HelpuFTServer.dll |
Affected:
3.0.0.0 2020.11.20.0
|
Date Public
2021-06-23 00:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:41:01.877Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=36094"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpu.co.kr/customer/download.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"x86, x64"
],
"product": "HelpuViewer.exe",
"vendor": "Helpu,inc",
"versions": [
{
"lessThanOrEqual": "2020.11.20.0",
"status": "affected",
"version": "2018.5.21.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x86, x64"
],
"product": "HelpuServer.exe",
"vendor": "Helpu,inc",
"versions": [
{
"lessThanOrEqual": "2020.11.20.0",
"status": "affected",
"version": "1.0.0.2",
"versionType": "custom"
}
]
},
{
"platforms": [
"x86, x64"
],
"product": "HelpuFTClient.dll",
"vendor": "Helpu,inc",
"versions": [
{
"status": "affected",
"version": "3.0.0.0 2020.11.20.0"
}
]
},
{
"platforms": [
"x86, x64"
],
"product": "HelpuFTServer.dll",
"vendor": "Helpu,inc",
"versions": [
{
"status": "affected",
"version": "3.0.0.0 2020.11.20.0"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Thanks to Jeongun Back for reporting this vulnerability."
}
],
"datePublic": "2021-06-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in agent program of HelpU remote control solution could allow an authenticated remote attacker to execute arbitrary commands This vulnerability is due to insufficient input santization when communicating customer process."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120 Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-24T10:15:14.000Z",
"orgId": "cdd7a122-0fae-4202-8d86-14efbacc2863",
"shortName": "krcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=36094"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpu.co.kr/customer/download.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "HelpU Overflow Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vuln@krcert.or.kr",
"DATE_PUBLIC": "2021-06-23T05:51:00.000Z",
"ID": "CVE-2020-7862",
"STATE": "PUBLIC",
"TITLE": "HelpU Overflow Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HelpuViewer.exe",
"version": {
"version_data": [
{
"platform": "x86, x64",
"version_affected": "\u003c=",
"version_name": "2018.5.21.0",
"version_value": "2020.11.20.0"
}
]
}
},
{
"product_name": "HelpuServer.exe",
"version": {
"version_data": [
{
"platform": "x86, x64",
"version_affected": "\u003c=",
"version_name": "1.0.0.2",
"version_value": "2020.11.20.0"
}
]
}
},
{
"product_name": "HelpuFTClient.dll",
"version": {
"version_data": [
{
"platform": "x86, x64",
"version_name": "3.0.0.0",
"version_value": "2020.11.20.0"
}
]
}
},
{
"product_name": "HelpuFTServer.dll",
"version": {
"version_data": [
{
"platform": "x86, x64",
"version_name": "3.0.0.0",
"version_value": "2020.11.20.0"
}
]
}
}
]
},
"vendor_name": "Helpu,inc"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Thanks to Jeongun Back for reporting this vulnerability."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in agent program of HelpU remote control solution could allow an authenticated remote attacker to execute arbitrary commands This vulnerability is due to insufficient input santization when communicating customer process."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20 Improper Input Validation"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-120 Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=36094",
"refsource": "MISC",
"url": "https://krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=36094"
},
{
"name": "https://helpu.co.kr/customer/download.html",
"refsource": "MISC",
"url": "https://helpu.co.kr/customer/download.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cdd7a122-0fae-4202-8d86-14efbacc2863",
"assignerShortName": "krcert",
"cveId": "CVE-2020-7862",
"datePublished": "2021-06-24T10:15:14.096Z",
"dateReserved": "2020-01-22T00:00:00.000Z",
"dateUpdated": "2024-09-16T23:06:17.535Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}