Arbitrary File Creation and Execution Vulnerability in Helpu Solution

Arbitrary File Creation and Execution Vulnerability in Helpu Solution

CVE-2020-7867 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

An improper input validation vulnerability in Helpu solution could allow a local attacker to arbitrary file creation and execution without click file transfer menu. It is possible to file in arbitrary directory for user because the viewer program receive the file from agent with privilege of administrator.

Learn more about our User Device Pen Test.