Skygroup Skysea Client View vulnerabilities
9 known vulnerabilities affecting skygroup/skysea_client_view.
Total CVEs
9
CISA KEV
1
actively exploited
Public exploits
0
Exploited in wild
1
Severity breakdown
CRITICAL1HIGH7MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2016-7836P1CRITICALCVSS 9.8KEV≤ 11.221.032017-06-09
CVE-2016-7836 [CRITICAL] CWE-287 CVE-2016-7836: SKYSEA Client View Ver.11.221.03 and earlier allows remote code execution via a flaw in processing a
SKYSEA Client View Ver.11.221.03 and earlier allows remote code execution via a flaw in processing authentication on the TCP connection with the management console program.
nvd
CVE-2026-39454P3HIGHCVSS 8.5≤ 21.200.07j2026-04-20
CVE-2026-39454 [HIGH] CWE-276 CVE-2026-39454: SKYSEA Client View and SKYMEC IT Manager provided by Sky Co.,LTD. configure the installation folder
SKYSEA Client View and SKYMEC IT Manager provided by Sky Co.,LTD. configure the installation folder with improper file access permission settings. A non-administrative user may manipulate and/or place arbitrary files within the installation folder of the product. As a result, arbitrary code may be executed with the administrative privilege.
nvd
CVE-2024-41726P3HIGHCVSS 7.5≥ 15.200.13i, < 19.300.09h2024-07-29
CVE-2024-41726 [HIGH] CWE-22 CVE-2024-41726: Path traversal vulnerability exists in SKYSEA Client View Ver.3.013.00 to Ver.19.210.04e. If this vu
Path traversal vulnerability exists in SKYSEA Client View Ver.3.013.00 to Ver.19.210.04e. If this vulnerability is exploited, an arbitrary executable file may be executed by a user who can log in to the PC where the product's Windows client is installed.
nvd
CVE-2024-41139P3HIGHCVSS 7.8≥ 6.010.06, < 19.300.09h2024-07-29
CVE-2024-41139 [HIGH] CWE-266 CVE-2024-41139: Incorrect privilege assignment vulnerability exists in SKYSEA Client View Ver.6.010.06 to Ver.19.210
Incorrect privilege assignment vulnerability exists in SKYSEA Client View Ver.6.010.06 to Ver.19.210.04e. If a user who can log in to the PC where the product's Windows client is installed places a specially crafted DLL file in a specific folder, arbitrary code may be executed with SYSTEM privilege.
nvd
CVE-2024-41143P3HIGHCVSS 7.8≥ 3.013.00, ≤ 19.210.04e2024-07-29
CVE-2024-41143 [HIGH] CWE-346 CVE-2024-41143: Origin validation error vulnerability exists in SKYSEA Client View Ver.3.013.00 to Ver.19.210.04e. I
Origin validation error vulnerability exists in SKYSEA Client View Ver.3.013.00 to Ver.19.210.04e. If this vulnerability is exploited, an arbitrary process may be executed with SYSTEM privilege by a user who can log in to the PC where the product's Windows client is installed.
nvd
CVE-2024-21805P3HIGHCVSS 7.8≥ 16.100.06f, < 19.300.09h2024-03-12
CVE-2024-21805 [HIGH] CWE-284 CVE-2024-21805: Improper access control vulnerability exists in the specific folder of SKYSEA Client View versions f
Improper access control vulnerability exists in the specific folder of SKYSEA Client View versions from Ver.16.100 prior to Ver.19.2. If this vulnerability is exploited, an arbitrary file may be placed in the specific folder by a user who can log in to the PC where the product's Windows client is installed. In case the file is a specially crafted DLL
nvd
CVE-2024-24964P3MEDIUMCVSS 6.3≥ 11.220.05p, ≤ 19.101.01a2024-03-12
CVE-2024-24964 [MEDIUM] CVE-2024-24964: Improper access control vulnerability exists in the resident process of SKYSEA Client View versions
Improper access control vulnerability exists in the resident process of SKYSEA Client View versions from Ver.11.220 prior to Ver.19.2. If this vulnerability is exploited, an arbitrary process may be executed with SYSTEM privilege by a user who can log in to the PC where the product's Windows client is installed.
nvd
CVE-2020-5617P3HIGHCVSS 7.8≥ 12.200.12n, ≤ 15.210.05f2020-08-04
CVE-2020-5617 [HIGH] CWE-269 CVE-2020-5617: Privilege escalation vulnerability in SKYSEA Client View Ver.12.200.12n to 15.210.05f allows an atta
Privilege escalation vulnerability in SKYSEA Client View Ver.12.200.12n to 15.210.05f allows an attacker to obtain unauthorized privileges and modify/obtain sensitive information or perform unintended operations via unspecified vectors.
nvd
CVE-2021-20616P4HIGHCVSS 7.8≥ 1.020.05b, ≤ 16.001.01g2021-01-13
CVE-2021-20616 [HIGH] CWE-427 CVE-2021-20616: Untrusted search path vulnerability in the installer of SKYSEA Client View Ver.1.020.05b to Ver.16.0
Untrusted search path vulnerability in the installer of SKYSEA Client View Ver.1.020.05b to Ver.16.001.01g allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
nvd