본문내용 바로가기 메인메뉴 바로가기 푸터 바로가기

Security Advisory

CVE-2021-26636 | Maxboard Remote Code Execution2022.06.22
□ Overview
 o MaxBoard released security update to address Remote Code Execution vulnerability in MaxBoard.
Vulnerability
Vulnerability Type Impact Severity CVSS Score CVE ID
Remote Code Execution Information exposure
and Privilege escalation
High 8.8 CVE-2021-26636

□ Description
 o Stored XSS and SQL injection vulnerability in MaxBoard could lead to occur Remote Code Execution, which could lead to information exposure and privilege escalation.

□ Affected Product
Affected Product
Product Version Platform
MaxBoard prior of 1.9.6.1 Linux

□ Solution
 o Update software over MaxBoard 1.9.6.2 version or higher.

□ Reference
[1] https://maxb.kr/

□ Acknowledgements
 o Thanks to Inbong Song for reporting this vulnerability.


□ 작성 : 침해사고분석단 취약점분석팀