Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    8 vulnerabilities found for cloud_explorer by naver

    CVE-2022-24077 (GCVE-0-2022-24077)

    Vulnerability from nvd – Published: 2022-06-13 13:40 – Updated: 2024-08-03 03:59
    VLAI
    Summary
    Naver Cloud Explorer Beta allows the attacker to execute arbitrary code as System privilege via malicious DLL injection.
    Severity
    No CVSS data available.
    CWE
    • CWE-269 - Improper Privilege Management
    Assigner
    References
    Impacted products
    Vendor Product Version
    NAVER NAVER Cloud Explorer Beta Affected: All versions
    Create a notification for this product.
    Credits
    anonymous
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T03:59:23.920Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cve.naver.com/detail/cve-2022-24077.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "NAVER Cloud Explorer Beta",
              "vendor": "NAVER",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "anonymous"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Naver Cloud Explorer Beta allows the attacker to execute arbitrary code as System privilege via malicious DLL injection."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-269",
                  "description": "CWE-269: Improper Privilege Management",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-06-13T13:40:17.000Z",
            "orgId": "f9629fae-ca2e-4fbf-9785-3ed86476aef6",
            "shortName": "naver"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cve.naver.com/detail/cve-2022-24077.html"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@navercorp.com",
              "ID": "CVE-2022-24077",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "NAVER Cloud Explorer Beta",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "NAVER"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "anonymous"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Naver Cloud Explorer Beta allows the attacker to execute arbitrary code as System privilege via malicious DLL injection."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-269: Improper Privilege Management"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://cve.naver.com/detail/cve-2022-24077.html",
                  "refsource": "CONFIRM",
                  "url": "https://cve.naver.com/detail/cve-2022-24077.html"
                }
              ]
            },
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f9629fae-ca2e-4fbf-9785-3ed86476aef6",
        "assignerShortName": "naver",
        "cveId": "CVE-2022-24077",
        "datePublished": "2022-06-13T13:40:17.000Z",
        "dateReserved": "2022-01-27T00:00:00.000Z",
        "dateUpdated": "2024-08-03T03:59:23.920Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-9752 (GCVE-0-2020-9752)

    Vulnerability from nvd – Published: 2020-03-23 02:15 – Updated: 2024-08-04 10:43
    VLAI
    Summary
    Naver Cloud Explorer before 2.2.2.11 allows the attacker can move a local file in any path on the filesystem as a system privilege through its named pipe.
    Severity
    No CVSS data available.
    CWE
    Assigner
    References
    URL Tags
    https://cve.naver.com/detail/cve-2020-9752 x_refsource_CONFIRM
    Impacted products
    Vendor Product Version
    NAVER Corporation Naver Cloud Explorer Affected: unspecified , ≤ 2.2.2.11 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T10:43:05.125Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cve.naver.com/detail/cve-2020-9752"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Naver Cloud Explorer",
              "vendor": "NAVER Corporation",
              "versions": [
                {
                  "lessThanOrEqual": "2.2.2.11",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Naver Cloud Explorer before 2.2.2.11 allows the attacker can move a local file in any path on the filesystem as a system privilege through its named pipe."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-73",
                  "description": "CWE-73",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-03-23T02:15:13.000Z",
            "orgId": "f9629fae-ca2e-4fbf-9785-3ed86476aef6",
            "shortName": "naver"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cve.naver.com/detail/cve-2020-9752"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@navercorp.com",
              "ID": "CVE-2020-9752",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Naver Cloud Explorer",
                          "version": {
                            "version_data": [
                              {
                                "affected": "\u003c=",
                                "version_affected": "\u003c=",
                                "version_value": "2.2.2.11"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "NAVER Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Naver Cloud Explorer before 2.2.2.11 allows the attacker can move a local file in any path on the filesystem as a system privilege through its named pipe."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-73"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://cve.naver.com/detail/cve-2020-9752",
                  "refsource": "CONFIRM",
                  "url": "https://cve.naver.com/detail/cve-2020-9752"
                }
              ]
            },
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f9629fae-ca2e-4fbf-9785-3ed86476aef6",
        "assignerShortName": "naver",
        "cveId": "CVE-2020-9752",
        "datePublished": "2020-03-23T02:15:13.000Z",
        "dateReserved": "2020-03-02T00:00:00.000Z",
        "dateUpdated": "2024-08-04T10:43:05.125Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-9751 (GCVE-0-2020-9751)

    Vulnerability from nvd – Published: 2020-03-03 09:15 – Updated: 2024-08-04 10:43
    VLAI
    Summary
    Naver Cloud Explorer before 2.2.2.11 allows the system to download an arbitrary file from the attacker's server and execute it during the upgrade.
    Severity
    No CVSS data available.
    CWE
    Assigner
    References
    URL Tags
    https://cve.naver.com/detail/cve-2020-9751 x_refsource_CONFIRM
    Impacted products
    Vendor Product Version
    NAVER Corporation Naver Cloud Explorer Affected: unspecified , ≤ 2.2.2.11 (custom)
    Create a notification for this product.
    Credits
    JAEWOOK SHIN(powerprove, null2root) and JINWOO PARK (P4rkJW, CAT-Security)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T10:43:04.395Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cve.naver.com/detail/cve-2020-9751"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Naver Cloud Explorer",
              "vendor": "NAVER Corporation",
              "versions": [
                {
                  "lessThanOrEqual": "2.2.2.11",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "JAEWOOK SHIN(powerprove, null2root) and JINWOO PARK (P4rkJW, CAT-Security)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Naver Cloud Explorer before 2.2.2.11 allows the system to download an arbitrary file from the attacker\u0027s server and execute it during the upgrade."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-494",
                  "description": "CWE-494",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-03-03T09:15:14.000Z",
            "orgId": "f9629fae-ca2e-4fbf-9785-3ed86476aef6",
            "shortName": "naver"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cve.naver.com/detail/cve-2020-9751"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@navercorp.com",
              "ID": "CVE-2020-9751",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Naver Cloud Explorer",
                          "version": {
                            "version_data": [
                              {
                                "affected": "\u003c=",
                                "version_affected": "\u003c=",
                                "version_value": "2.2.2.11"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "NAVER Corporation"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "JAEWOOK SHIN(powerprove, null2root) and JINWOO PARK (P4rkJW, CAT-Security)"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Naver Cloud Explorer before 2.2.2.11 allows the system to download an arbitrary file from the attacker\u0027s server and execute it during the upgrade."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-494"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://cve.naver.com/detail/cve-2020-9751",
                  "refsource": "CONFIRM",
                  "url": "https://cve.naver.com/detail/cve-2020-9751"
                }
              ]
            },
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f9629fae-ca2e-4fbf-9785-3ed86476aef6",
        "assignerShortName": "naver",
        "cveId": "CVE-2020-9751",
        "datePublished": "2020-03-03T09:15:14.000Z",
        "dateReserved": "2020-03-02T00:00:00.000Z",
        "dateUpdated": "2024-08-04T10:43:04.395Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-13156 (GCVE-0-2019-13156)

    Vulnerability from nvd – Published: 2019-09-03 14:42 – Updated: 2024-08-04 23:41
    VLAI
    Summary
    NDrive(1.2.2).sys in Naver Cloud Explorer has a stack-based buffer overflow, which allows attackers to cause a denial of service when reading data from IOCTL handle.
    Severity
    No CVSS data available.
    CWE
    Assigner
    References
    URL Tags
    https://cve.naver.com/detail/cve-2019-13156 x_refsource_CONFIRM
    Impacted products
    Vendor Product Version
    NAVER Corporation NDrive Affected: unspecified , ≤ 1.2.2 (custom)
    Create a notification for this product.
    Credits
    MyeongHwan Seo(f10w3r) rootsmh0311@gmail.com
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T23:41:10.535Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cve.naver.com/detail/cve-2019-13156"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "NDrive",
              "vendor": "NAVER Corporation",
              "versions": [
                {
                  "lessThanOrEqual": "1.2.2",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "MyeongHwan Seo(f10w3r) rootsmh0311@gmail.com"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "NDrive(1.2.2).sys in Naver Cloud Explorer has a stack-based buffer overflow, which allows attackers to cause a denial of service when reading data from IOCTL handle."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "CWE-121",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-09-03T14:42:09.000Z",
            "orgId": "f9629fae-ca2e-4fbf-9785-3ed86476aef6",
            "shortName": "naver"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cve.naver.com/detail/cve-2019-13156"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@navercorp.com",
              "ID": "CVE-2019-13156",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "NDrive",
                          "version": {
                            "version_data": [
                              {
                                "affected": "\u003c=",
                                "version_affected": "\u003c=",
                                "version_value": "1.2.2"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "NAVER Corporation"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "MyeongHwan Seo(f10w3r) rootsmh0311@gmail.com"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "NDrive(1.2.2).sys in Naver Cloud Explorer has a stack-based buffer overflow, which allows attackers to cause a denial of service when reading data from IOCTL handle."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-121"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://cve.naver.com/detail/cve-2019-13156",
                  "refsource": "CONFIRM",
                  "url": "https://cve.naver.com/detail/cve-2019-13156"
                }
              ]
            },
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f9629fae-ca2e-4fbf-9785-3ed86476aef6",
        "assignerShortName": "naver",
        "cveId": "CVE-2019-13156",
        "datePublished": "2019-09-03T14:42:09.000Z",
        "dateReserved": "2019-07-02T00:00:00.000Z",
        "dateUpdated": "2024-08-04T23:41:10.535Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-24077 (GCVE-0-2022-24077)

    Vulnerability from cvelistv5 – Published: 2022-06-13 13:40 – Updated: 2024-08-03 03:59
    VLAI
    Summary
    Naver Cloud Explorer Beta allows the attacker to execute arbitrary code as System privilege via malicious DLL injection.
    Severity
    No CVSS data available.
    CWE
    • CWE-269 - Improper Privilege Management
    Assigner
    References
    Impacted products
    Vendor Product Version
    NAVER NAVER Cloud Explorer Beta Affected: All versions
    Create a notification for this product.
    Credits
    anonymous
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T03:59:23.920Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cve.naver.com/detail/cve-2022-24077.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "NAVER Cloud Explorer Beta",
              "vendor": "NAVER",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "anonymous"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Naver Cloud Explorer Beta allows the attacker to execute arbitrary code as System privilege via malicious DLL injection."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-269",
                  "description": "CWE-269: Improper Privilege Management",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-06-13T13:40:17.000Z",
            "orgId": "f9629fae-ca2e-4fbf-9785-3ed86476aef6",
            "shortName": "naver"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cve.naver.com/detail/cve-2022-24077.html"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@navercorp.com",
              "ID": "CVE-2022-24077",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "NAVER Cloud Explorer Beta",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "NAVER"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "anonymous"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Naver Cloud Explorer Beta allows the attacker to execute arbitrary code as System privilege via malicious DLL injection."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-269: Improper Privilege Management"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://cve.naver.com/detail/cve-2022-24077.html",
                  "refsource": "CONFIRM",
                  "url": "https://cve.naver.com/detail/cve-2022-24077.html"
                }
              ]
            },
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f9629fae-ca2e-4fbf-9785-3ed86476aef6",
        "assignerShortName": "naver",
        "cveId": "CVE-2022-24077",
        "datePublished": "2022-06-13T13:40:17.000Z",
        "dateReserved": "2022-01-27T00:00:00.000Z",
        "dateUpdated": "2024-08-03T03:59:23.920Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-9752 (GCVE-0-2020-9752)

    Vulnerability from cvelistv5 – Published: 2020-03-23 02:15 – Updated: 2024-08-04 10:43
    VLAI
    Summary
    Naver Cloud Explorer before 2.2.2.11 allows the attacker can move a local file in any path on the filesystem as a system privilege through its named pipe.
    Severity
    No CVSS data available.
    CWE
    Assigner
    References
    URL Tags
    https://cve.naver.com/detail/cve-2020-9752 x_refsource_CONFIRM
    Impacted products
    Vendor Product Version
    NAVER Corporation Naver Cloud Explorer Affected: unspecified , ≤ 2.2.2.11 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T10:43:05.125Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cve.naver.com/detail/cve-2020-9752"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Naver Cloud Explorer",
              "vendor": "NAVER Corporation",
              "versions": [
                {
                  "lessThanOrEqual": "2.2.2.11",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Naver Cloud Explorer before 2.2.2.11 allows the attacker can move a local file in any path on the filesystem as a system privilege through its named pipe."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-73",
                  "description": "CWE-73",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-03-23T02:15:13.000Z",
            "orgId": "f9629fae-ca2e-4fbf-9785-3ed86476aef6",
            "shortName": "naver"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cve.naver.com/detail/cve-2020-9752"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@navercorp.com",
              "ID": "CVE-2020-9752",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Naver Cloud Explorer",
                          "version": {
                            "version_data": [
                              {
                                "affected": "\u003c=",
                                "version_affected": "\u003c=",
                                "version_value": "2.2.2.11"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "NAVER Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Naver Cloud Explorer before 2.2.2.11 allows the attacker can move a local file in any path on the filesystem as a system privilege through its named pipe."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-73"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://cve.naver.com/detail/cve-2020-9752",
                  "refsource": "CONFIRM",
                  "url": "https://cve.naver.com/detail/cve-2020-9752"
                }
              ]
            },
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f9629fae-ca2e-4fbf-9785-3ed86476aef6",
        "assignerShortName": "naver",
        "cveId": "CVE-2020-9752",
        "datePublished": "2020-03-23T02:15:13.000Z",
        "dateReserved": "2020-03-02T00:00:00.000Z",
        "dateUpdated": "2024-08-04T10:43:05.125Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-9751 (GCVE-0-2020-9751)

    Vulnerability from cvelistv5 – Published: 2020-03-03 09:15 – Updated: 2024-08-04 10:43
    VLAI
    Summary
    Naver Cloud Explorer before 2.2.2.11 allows the system to download an arbitrary file from the attacker's server and execute it during the upgrade.
    Severity
    No CVSS data available.
    CWE
    Assigner
    References
    URL Tags
    https://cve.naver.com/detail/cve-2020-9751 x_refsource_CONFIRM
    Impacted products
    Vendor Product Version
    NAVER Corporation Naver Cloud Explorer Affected: unspecified , ≤ 2.2.2.11 (custom)
    Create a notification for this product.
    Credits
    JAEWOOK SHIN(powerprove, null2root) and JINWOO PARK (P4rkJW, CAT-Security)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T10:43:04.395Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cve.naver.com/detail/cve-2020-9751"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Naver Cloud Explorer",
              "vendor": "NAVER Corporation",
              "versions": [
                {
                  "lessThanOrEqual": "2.2.2.11",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "JAEWOOK SHIN(powerprove, null2root) and JINWOO PARK (P4rkJW, CAT-Security)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Naver Cloud Explorer before 2.2.2.11 allows the system to download an arbitrary file from the attacker\u0027s server and execute it during the upgrade."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-494",
                  "description": "CWE-494",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-03-03T09:15:14.000Z",
            "orgId": "f9629fae-ca2e-4fbf-9785-3ed86476aef6",
            "shortName": "naver"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cve.naver.com/detail/cve-2020-9751"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@navercorp.com",
              "ID": "CVE-2020-9751",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Naver Cloud Explorer",
                          "version": {
                            "version_data": [
                              {
                                "affected": "\u003c=",
                                "version_affected": "\u003c=",
                                "version_value": "2.2.2.11"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "NAVER Corporation"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "JAEWOOK SHIN(powerprove, null2root) and JINWOO PARK (P4rkJW, CAT-Security)"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Naver Cloud Explorer before 2.2.2.11 allows the system to download an arbitrary file from the attacker\u0027s server and execute it during the upgrade."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-494"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://cve.naver.com/detail/cve-2020-9751",
                  "refsource": "CONFIRM",
                  "url": "https://cve.naver.com/detail/cve-2020-9751"
                }
              ]
            },
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f9629fae-ca2e-4fbf-9785-3ed86476aef6",
        "assignerShortName": "naver",
        "cveId": "CVE-2020-9751",
        "datePublished": "2020-03-03T09:15:14.000Z",
        "dateReserved": "2020-03-02T00:00:00.000Z",
        "dateUpdated": "2024-08-04T10:43:04.395Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-13156 (GCVE-0-2019-13156)

    Vulnerability from cvelistv5 – Published: 2019-09-03 14:42 – Updated: 2024-08-04 23:41
    VLAI
    Summary
    NDrive(1.2.2).sys in Naver Cloud Explorer has a stack-based buffer overflow, which allows attackers to cause a denial of service when reading data from IOCTL handle.
    Severity
    No CVSS data available.
    CWE
    Assigner
    References
    URL Tags
    https://cve.naver.com/detail/cve-2019-13156 x_refsource_CONFIRM
    Impacted products
    Vendor Product Version
    NAVER Corporation NDrive Affected: unspecified , ≤ 1.2.2 (custom)
    Create a notification for this product.
    Credits
    MyeongHwan Seo(f10w3r) rootsmh0311@gmail.com
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T23:41:10.535Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cve.naver.com/detail/cve-2019-13156"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "NDrive",
              "vendor": "NAVER Corporation",
              "versions": [
                {
                  "lessThanOrEqual": "1.2.2",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "MyeongHwan Seo(f10w3r) rootsmh0311@gmail.com"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "NDrive(1.2.2).sys in Naver Cloud Explorer has a stack-based buffer overflow, which allows attackers to cause a denial of service when reading data from IOCTL handle."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "CWE-121",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-09-03T14:42:09.000Z",
            "orgId": "f9629fae-ca2e-4fbf-9785-3ed86476aef6",
            "shortName": "naver"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cve.naver.com/detail/cve-2019-13156"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@navercorp.com",
              "ID": "CVE-2019-13156",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "NDrive",
                          "version": {
                            "version_data": [
                              {
                                "affected": "\u003c=",
                                "version_affected": "\u003c=",
                                "version_value": "1.2.2"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "NAVER Corporation"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "MyeongHwan Seo(f10w3r) rootsmh0311@gmail.com"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "NDrive(1.2.2).sys in Naver Cloud Explorer has a stack-based buffer overflow, which allows attackers to cause a denial of service when reading data from IOCTL handle."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-121"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://cve.naver.com/detail/cve-2019-13156",
                  "refsource": "CONFIRM",
                  "url": "https://cve.naver.com/detail/cve-2019-13156"
                }
              ]
            },
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f9629fae-ca2e-4fbf-9785-3ed86476aef6",
        "assignerShortName": "naver",
        "cveId": "CVE-2019-13156",
        "datePublished": "2019-09-03T14:42:09.000Z",
        "dateReserved": "2019-07-02T00:00:00.000Z",
        "dateUpdated": "2024-08-04T23:41:10.535Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }