Описание
Origin validation error vulnerability in NeoRS’s ActiveX moudle allows attackers to download and execute arbitrary files. Remote attackers can use this vulerability to encourage users to access crafted web pages, causing damage such as malicious code infections.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2021.3.10.1 (исключая)
Одновременно
cpe:2.3:a:douzone:neors:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
EPSS
Процентиль: 34%
0.00131
Низкий
7.8 High
CVSS3
8.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-346
CWE-346
Связанные уязвимости
CVSS3: 8.8
github
около 3 лет назад
Origin validation error vulnerability in NeoRS’s ActiveX moudle allows attackers to download and execute arbitrary files. Remote attackers can use this vulerability to encourage users to access crafted web pages, causing damage such as malicious code infections.
EPSS
Процентиль: 34%
0.00131
Низкий
7.8 High
CVSS3
8.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-346
CWE-346