{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-20T11:49:27.296","vulnerabilities":[{"cve":{"id":"CVE-2020-7867","sourceIdentifier":"vuln@krcert.or.kr","published":"2021-10-27T01:15:07.190","lastModified":"2026-06-17T03:25:34.550","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An improper input validation vulnerability in Helpu solution could allow a local attacker to arbitrary file creation and execution without click file transfer menu. It is possible to file in arbitrary directory for user because the viewer program receive the file from agent with privilege of administrator."},{"lang":"es","value":"Una vulnerabilidad de comprobación de entrada inapropiada en Helpu solution podría permitir a un atacante local la creación y ejecución arbitraria de archivos sin hacer clic en el menú de transferencia de archivos. Es posible la creación de archivos en un directorio arbitrario para el usuario porque el programa de visualización recibe el archivo desde el agente con privilegio de administrador"}],"affected":[{"source":"vuln@krcert.or.kr","affectedData":[{"vendor":"HelpU","product":"HelpuViewer.exe","platforms":["Windows"],"versions":[{"version":"2018.5.21.0","lessThanOrEqual":"2018.5.21.0","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"vuln@krcert.or.kr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H","baseScore":8.0,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.1,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:P/A:P","baseScore":4.6,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":3.9,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"vuln@krcert.or.kr","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-20"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:helpu:helpuviewer:2018.5.21.0:*:*:*:*:windows:*:*","matchCriteriaId":"6DA81C9C-27A9-4BA9-AECD-8BFDCA46C13D"}]}]}],"references":[{"url":"https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=36303","source":"vuln@krcert.or.kr","tags":["Third Party Advisory"]},{"url":"https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=36303","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}