exploitDog

CVE-2024-50307

Опубликовано: 28 окт. 2024

Источник: nvd

CVSS3: 5.5

CVSS3: 5.5

EPSS Низкий

Описание

Use of potentially dangerous function issue exists in Chatwork Desktop Application (Windows) versions prior to 2.9.2. If a user clicks a specially crafted link in the application, an arbitrary file may be downloaded from an external website and executed. As a result, arbitrary code may be executed on the device that runs Chatwork Desktop Application (Windows).

Ссылки

https://jvn.jp/en/jp/JVN78335885/

EPSS

Процентиль: 3%

0.00015

Низкий

5.5 Medium

CVSS3

5.5 Medium

CVSS3

Дефекты

CWE-676

Связанные уязвимости

GHSA-9f82-h4f2-23mg

CVSS3: 5.5

github

больше 1 года назад

Use of potentially dangerous function issue exists in Chatwork Desktop Application (Windows) versions prior to 2.9.2. If a user clicks a specially crafted link in the application, an arbitrary file may be downloaded from an external website and executed. As a result, arbitrary code may be executed on the device that runs Chatwork Desktop Application (Windows).

EPSS

Процентиль: 3%

0.00015

Низкий

5.5 Medium

CVSS3

5.5 Medium

CVSS3

Дефекты

CWE-676