Описание
The vulnerabilty was discovered in ActiveX module related to NeoRS remote support program. This issue allows an remote attacker to download and execute remote file. It is because of improper parameter validation of StartNeoRS function in ActiveX.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до rs10 (включая)
Одновременно
cpe:2.3:a:douzone:neors:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
EPSS
Процентиль: 72%
0.00734
Низкий
7.5 High
CVSS3
8.8 High
CVSS3
9.3 Critical
CVSS2
Дефекты
CWE-20
CWE-20
Связанные уязвимости
github
около 4 лет назад
The vulnerabilty was discovered in ActiveX module related to NeoRS remote support program. This issue allows an remote attacker to download and execute remote file. It is because of improper parameter validation of StartNeoRS function in ActiveX.
EPSS
Процентиль: 72%
0.00734
Низкий
7.5 High
CVSS3
8.8 High
CVSS3
9.3 Critical
CVSS2
Дефекты
CWE-20
CWE-20