In K7 Ultimate Security 16.0.0117, the module K7BKCExt.dll (aka the backup module) improperly validates the administrative privileges of the user, allowing an arbitrary file write via a symbolic link attack with file restoration functionality.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
k7computing k7 ultimate security 16.0.0117 |