본문내용 바로가기 메인메뉴 바로가기 푸터 바로가기

Security Advisory

CVE-2021-26619 | BigFileAgent arbitrary file Deleting vulnerability2022.02.18
□ Overview
 o Bluetree Co., Ltd released security update to address Path Traversal vulnerability in BigFileAgent.
Vulnerability
Vulnerability Type Impact Severity CVSS Score CVE ID
Path Traversal Arbitrary file deleting High 7.1 CVE-2021-26619

□ Description
 o An path traversal vulnerability leading to delete arbitrary files was discovered in BigFileAgent.
 o Remote attackers can use this vulnerability to delete arbitrary files of unspecified number of users.

□ Affected Product
Affected Product
Product Version Platform
BigFileAgent prior of 1.0.1.7 Windows

□ Solution
 o Update software over BigFileAgent 1.0.1.8 version or higher.

□ Reference
 [1] https://www.bigfile.co.kr/index.php

□ Etc
 o Thanks to Kim Si Wong for reporting this vulnerability.


□ 작성 : 침해사고분석단 취약점분석팀