□ Overview
o Infomark released security update to address command injection vulnerability in KT Slim egg(IML500, IML520) wifi device.
| Vulnerability Type |
Impact |
Severity |
CVSS Score |
CVE ID |
| Command Injection |
Command Execution |
High |
7.5 |
CVE-2020-7805 |
□ Description
o An issue was discovered on KT Slim egg(IML500, IML520) wifi device. This issue is a command injection allowing remote attackers to execute arbitrary OS commands.(CVE-2020-7805)
□ Affected Product
| Product |
Version |
PlatForm |
| KT Slim egg (IML500, IML520) |
Firmware version 29.8.2018 and prior |
Linux |
□ Solution
o Update firmware over KT Slim egg firmware 10.2.2020 version or higher.
□ Reference
[1] infomark.co.kr/bbs/board/board.php?bo_table=download
□ Acknowledgements
o Thanks to Inhyung Lee for reporting this vulnerability.
□ 작성 : 침해사고분석단 취약점분석팀 |