{"containers":{"cna":{"affected":[{"platforms":["Windows"],"product":"NeoRS","vendor":"douzone","versions":[{"lessThanOrEqual":"RS10","status":"affected","version":"RS10","versionType":"custom"}]}],"descriptions":[{"lang":"en","value":"The vulnerabilty was discovered in ActiveX module related to NeoRS remote support program. This issue allows an remote attacker to download and execute remote file. It is because of improper parameter validation of StartNeoRS function in ActiveX."}],"metrics":[{"cvssV3_1":{"attackComplexity":"HIGH","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"REQUIRED","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"}}],"problemTypes":[{"descriptions":[{"cweId":"CWE-20","description":"CWE-20 Improper Input Validation","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2021-11-30T18:47:59.000Z","orgId":"cdd7a122-0fae-4202-8d86-14efbacc2863","shortName":"krcert"},"references":[{"tags":["x_refsource_MISC"],"url":"https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=36367"}],"source":{"discovery":"UNKNOWN"},"title":"douzone NeoRS remote support program ActiveX vulnerability","x_generator":{"engine":"Vulnogram 0.0.9"},"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"vuln@krcert.or.kr","ID":"CVE-2020-7880","STATE":"PUBLIC","TITLE":"douzone NeoRS remote support program ActiveX vulnerability"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"NeoRS","version":{"version_data":[{"platform":"Windows","version_affected":"<=","version_name":"RS10","version_value":"RS10"}]}}]},"vendor_name":"douzone"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"The vulnerabilty was discovered in ActiveX module related to NeoRS remote support program. This issue allows an remote attacker to download and execute remote file. It is because of improper parameter validation of StartNeoRS function in ActiveX."}]},"generator":{"engine":"Vulnogram 0.0.9"},"impact":{"cvss":{"attackComplexity":"HIGH","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"REQUIRED","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-20 Improper Input Validation"}]}]},"references":{"reference_data":[{"name":"https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=36367","refsource":"MISC","url":"https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=36367"}]},"source":{"discovery":"UNKNOWN"}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-04T09:41:01.881Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_MISC","x_transferred"],"url":"https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=36367"}]}]},"cveMetadata":{"assignerOrgId":"cdd7a122-0fae-4202-8d86-14efbacc2863","assignerShortName":"krcert","cveId":"CVE-2020-7880","datePublished":"2021-11-30T18:47:59.000Z","dateReserved":"2020-01-22T00:00:00.000Z","dateUpdated":"2024-08-04T09:41:01.881Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}