Описание
Helpcom before v10.0 contains a file download and execution vulnerability caused by storing hardcoded cryptographic key. It finally leads to a file download and execution via access to crafted web page.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 10.0 (исключая)
cpe:2.3:a:cnesty:helpcom:*:*:*:*:*:*:*:*
EPSS
Процентиль: 64%
0.00475
Низкий
8 High
CVSS3
8.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-321
CWE-798
Связанные уязвимости
github
больше 3 лет назад
Helpcom before v10.0 contains a file download and execution vulnerability caused by storing hardcoded cryptographic key. It finally leads to a file download and execution via access to crafted web page.
EPSS
Процентиль: 64%
0.00475
Низкий
8 High
CVSS3
8.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-321
CWE-798