Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
2 vulnerabilities found for helpuserver by helpu
CVE-2020-7862 (GCVE-0-2020-7862)
Vulnerability from cvelistv5 – Published: 2021-06-24 10:15 – Updated: 2024-09-16 23:06
VLAI
Title
HelpU Overflow Vulnerability
Summary
A vulnerability in agent program of HelpU remote control solution could allow an authenticated remote attacker to execute arbitrary commands This vulnerability is due to insufficient input santization when communicating customer process.
Severity
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://krcert.or.kr/krcert/secNoticeView.do?bull… | x_refsource_MISC |
| https://helpu.co.kr/customer/download.html | x_refsource_MISC |
Impacted products
4 products
| Vendor | Product | Version | |
|---|---|---|---|
| Helpu,inc | HelpuViewer.exe |
Affected:
2018.5.21.0 , ≤ 2020.11.20.0
(custom)
|
|
| Helpu,inc | HelpuServer.exe |
Affected:
1.0.0.2 , ≤ 2020.11.20.0
(custom)
|
|
| Helpu,inc | HelpuFTClient.dll |
Affected:
3.0.0.0 2020.11.20.0
|
|
| Helpu,inc | HelpuFTServer.dll |
Affected:
3.0.0.0 2020.11.20.0
|
Date Public
2021-06-23 00:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:41:01.877Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=36094"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpu.co.kr/customer/download.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"x86, x64"
],
"product": "HelpuViewer.exe",
"vendor": "Helpu,inc",
"versions": [
{
"lessThanOrEqual": "2020.11.20.0",
"status": "affected",
"version": "2018.5.21.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x86, x64"
],
"product": "HelpuServer.exe",
"vendor": "Helpu,inc",
"versions": [
{
"lessThanOrEqual": "2020.11.20.0",
"status": "affected",
"version": "1.0.0.2",
"versionType": "custom"
}
]
},
{
"platforms": [
"x86, x64"
],
"product": "HelpuFTClient.dll",
"vendor": "Helpu,inc",
"versions": [
{
"status": "affected",
"version": "3.0.0.0 2020.11.20.0"
}
]
},
{
"platforms": [
"x86, x64"
],
"product": "HelpuFTServer.dll",
"vendor": "Helpu,inc",
"versions": [
{
"status": "affected",
"version": "3.0.0.0 2020.11.20.0"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Thanks to Jeongun Back for reporting this vulnerability."
}
],
"datePublic": "2021-06-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in agent program of HelpU remote control solution could allow an authenticated remote attacker to execute arbitrary commands This vulnerability is due to insufficient input santization when communicating customer process."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120 Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-24T10:15:14.000Z",
"orgId": "cdd7a122-0fae-4202-8d86-14efbacc2863",
"shortName": "krcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=36094"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpu.co.kr/customer/download.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "HelpU Overflow Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vuln@krcert.or.kr",
"DATE_PUBLIC": "2021-06-23T05:51:00.000Z",
"ID": "CVE-2020-7862",
"STATE": "PUBLIC",
"TITLE": "HelpU Overflow Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HelpuViewer.exe",
"version": {
"version_data": [
{
"platform": "x86, x64",
"version_affected": "\u003c=",
"version_name": "2018.5.21.0",
"version_value": "2020.11.20.0"
}
]
}
},
{
"product_name": "HelpuServer.exe",
"version": {
"version_data": [
{
"platform": "x86, x64",
"version_affected": "\u003c=",
"version_name": "1.0.0.2",
"version_value": "2020.11.20.0"
}
]
}
},
{
"product_name": "HelpuFTClient.dll",
"version": {
"version_data": [
{
"platform": "x86, x64",
"version_name": "3.0.0.0",
"version_value": "2020.11.20.0"
}
]
}
},
{
"product_name": "HelpuFTServer.dll",
"version": {
"version_data": [
{
"platform": "x86, x64",
"version_name": "3.0.0.0",
"version_value": "2020.11.20.0"
}
]
}
}
]
},
"vendor_name": "Helpu,inc"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Thanks to Jeongun Back for reporting this vulnerability."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in agent program of HelpU remote control solution could allow an authenticated remote attacker to execute arbitrary commands This vulnerability is due to insufficient input santization when communicating customer process."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20 Improper Input Validation"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-120 Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=36094",
"refsource": "MISC",
"url": "https://krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=36094"
},
{
"name": "https://helpu.co.kr/customer/download.html",
"refsource": "MISC",
"url": "https://helpu.co.kr/customer/download.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cdd7a122-0fae-4202-8d86-14efbacc2863",
"assignerShortName": "krcert",
"cveId": "CVE-2020-7862",
"datePublished": "2021-06-24T10:15:14.096Z",
"dateReserved": "2020-01-22T00:00:00.000Z",
"dateUpdated": "2024-09-16T23:06:17.535Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-7862 (GCVE-0-2020-7862)
Vulnerability from nvd – Published: 2021-06-24 10:15 – Updated: 2024-09-16 23:06
VLAI
Title
HelpU Overflow Vulnerability
Summary
A vulnerability in agent program of HelpU remote control solution could allow an authenticated remote attacker to execute arbitrary commands This vulnerability is due to insufficient input santization when communicating customer process.
Severity
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://krcert.or.kr/krcert/secNoticeView.do?bull… | x_refsource_MISC |
| https://helpu.co.kr/customer/download.html | x_refsource_MISC |
Impacted products
4 products
| Vendor | Product | Version | |
|---|---|---|---|
| Helpu,inc | HelpuViewer.exe |
Affected:
2018.5.21.0 , ≤ 2020.11.20.0
(custom)
|
|
| Helpu,inc | HelpuServer.exe |
Affected:
1.0.0.2 , ≤ 2020.11.20.0
(custom)
|
|
| Helpu,inc | HelpuFTClient.dll |
Affected:
3.0.0.0 2020.11.20.0
|
|
| Helpu,inc | HelpuFTServer.dll |
Affected:
3.0.0.0 2020.11.20.0
|
Date Public
2021-06-23 00:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:41:01.877Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=36094"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://helpu.co.kr/customer/download.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"x86, x64"
],
"product": "HelpuViewer.exe",
"vendor": "Helpu,inc",
"versions": [
{
"lessThanOrEqual": "2020.11.20.0",
"status": "affected",
"version": "2018.5.21.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x86, x64"
],
"product": "HelpuServer.exe",
"vendor": "Helpu,inc",
"versions": [
{
"lessThanOrEqual": "2020.11.20.0",
"status": "affected",
"version": "1.0.0.2",
"versionType": "custom"
}
]
},
{
"platforms": [
"x86, x64"
],
"product": "HelpuFTClient.dll",
"vendor": "Helpu,inc",
"versions": [
{
"status": "affected",
"version": "3.0.0.0 2020.11.20.0"
}
]
},
{
"platforms": [
"x86, x64"
],
"product": "HelpuFTServer.dll",
"vendor": "Helpu,inc",
"versions": [
{
"status": "affected",
"version": "3.0.0.0 2020.11.20.0"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Thanks to Jeongun Back for reporting this vulnerability."
}
],
"datePublic": "2021-06-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in agent program of HelpU remote control solution could allow an authenticated remote attacker to execute arbitrary commands This vulnerability is due to insufficient input santization when communicating customer process."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120 Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-24T10:15:14.000Z",
"orgId": "cdd7a122-0fae-4202-8d86-14efbacc2863",
"shortName": "krcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=36094"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://helpu.co.kr/customer/download.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "HelpU Overflow Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vuln@krcert.or.kr",
"DATE_PUBLIC": "2021-06-23T05:51:00.000Z",
"ID": "CVE-2020-7862",
"STATE": "PUBLIC",
"TITLE": "HelpU Overflow Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HelpuViewer.exe",
"version": {
"version_data": [
{
"platform": "x86, x64",
"version_affected": "\u003c=",
"version_name": "2018.5.21.0",
"version_value": "2020.11.20.0"
}
]
}
},
{
"product_name": "HelpuServer.exe",
"version": {
"version_data": [
{
"platform": "x86, x64",
"version_affected": "\u003c=",
"version_name": "1.0.0.2",
"version_value": "2020.11.20.0"
}
]
}
},
{
"product_name": "HelpuFTClient.dll",
"version": {
"version_data": [
{
"platform": "x86, x64",
"version_name": "3.0.0.0",
"version_value": "2020.11.20.0"
}
]
}
},
{
"product_name": "HelpuFTServer.dll",
"version": {
"version_data": [
{
"platform": "x86, x64",
"version_name": "3.0.0.0",
"version_value": "2020.11.20.0"
}
]
}
}
]
},
"vendor_name": "Helpu,inc"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Thanks to Jeongun Back for reporting this vulnerability."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in agent program of HelpU remote control solution could allow an authenticated remote attacker to execute arbitrary commands This vulnerability is due to insufficient input santization when communicating customer process."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20 Improper Input Validation"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-120 Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=36094",
"refsource": "MISC",
"url": "https://krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=36094"
},
{
"name": "https://helpu.co.kr/customer/download.html",
"refsource": "MISC",
"url": "https://helpu.co.kr/customer/download.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cdd7a122-0fae-4202-8d86-14efbacc2863",
"assignerShortName": "krcert",
"cveId": "CVE-2020-7862",
"datePublished": "2021-06-24T10:15:14.096Z",
"dateReserved": "2020-01-22T00:00:00.000Z",
"dateUpdated": "2024-09-16T23:06:17.535Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}