漏洞标题
Dext5上传ActiveX任意文件执行漏洞
漏洞描述信息
Dext5 ActiveX控件任意文件执行漏洞
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
漏洞类别
N/A
漏洞标题
Dext5 Upload ActiveX Arbitrary File Execution Vulnerability
漏洞描述信息
dext5.ocx ActiveX Control in Dext5 Upload 5.0.0.112 and earlier versions contains a vulnerability that could allow remote files to be executed by setting the arguments to the activex method. A remote attacker could induce a user to access a crafted web page, causing damage such as malicious code infection.
CVSS信息
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
漏洞类别
输入验证不恰当
漏洞标题
Raonwiz Dext5.ocx ActiveX 输入验证错误漏洞
漏洞描述信息
Raonwiz Dext5.ocx ActiveX是韩国Raonwiz公司的一款使用在Dext5 Upload文件传输软件开发工具包中的控件。 Raonwiz Dext5 Upload中的dext5.ocx ActiveX Control 5.0.0.112及之前版本存在输入验证错误漏洞。远程攻击者可通过诱使用户访问特制的网页利用该漏洞执行代码。
CVSS信息
N/A
漏洞类别
输入验证错误