Browse all 8 CVE security advisories affecting Raonwiz. AI-powered Chinese analysis, POCs, and references for each vulnerability.
RAONWiz is a web application framework primarily used for developing enterprise portals and content management systems. Historically, it has been vulnerable to multiple remote code execution (RCE) flaws, cross-site scripting (XSS), and privilege escalation vulnerabilities, with eight CVEs recorded to date. These issues often stem from insufficient input validation and improper access controls. The framework's widespread adoption in Korean government and financial sectors has made it a high-profile target. In 2021, a critical RCE vulnerability (CVE-2021-38314) allowed unauthenticated attackers to execute arbitrary code, leading to widespread exploitation in production environments.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2020-7875 | RAONWIZ DEXT5 Upload ActiveX remote file execution vulnerability — DEXT5 UploadCWE-494 | 7.5 | High | 2021-10-28 |
| CVE-2020-7832 | RAONWIZ DEXT5 Upload remote code execution vulnerability — DEXT5 UploadCWE-20 | 8.8 | High | 2021-09-07 |
This page lists every published CVE security advisory associated with Raonwiz. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.