CVE-2022-24077
EUVD-2022-2899013.06.2022, 14:15
Naver Cloud Explorer Beta allows the attacker to execute arbitrary code as System privilege via malicious DLL injection.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| naver | cloud_explorer | - |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-269 - Improper Privilege ManagementThe software does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
- CWE-427 - Uncontrolled Search Path ElementThe product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.