Описание
Remote code execution vulnerability due to insufficient verification of URLs, etc. in OndiskPlayerAgent. A remote attacker could exploit the vulnerability to cause remote code execution by causing an arbitrary user to download and execute malicious code.
Ссылки
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:a:etm-s:ondiskplayeragent:1.3.8.12:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
EPSS
Процентиль: 32%
0.00126
Низкий
7.8 High
CVSS3
Дефекты
CWE-345
CWE-345
Связанные уязвимости
CVSS3: 7.8
github
около 3 лет назад
Remote code execution vulnerability due to insufficient verification of URLs, etc. in OndiskPlayerAgent. A remote attacker could exploit the vulnerability to cause remote code execution by causing an arbitrary user to download and execute malicious code.
EPSS
Процентиль: 32%
0.00126
Низкий
7.8 High
CVSS3
Дефекты
CWE-345
CWE-345