← back
CVE-2020-14425

CVE-2020-14425

EPSS 39.4%
Foxit Reader before 10.0 allows Remote Command Execution via the app.opencPDFWebPage JavsScript API. An attacker can execute local files and bypass the security dialog.
Affected products
n/a · n/a
public PoCs found2
cve_referencepacketstormsecurity.com/files/159784/Foxit-Reader-9.7.1-Remote-Command-Execution.htmlunverifiedcve_referencewww.exploit-db.com/exploits/48982unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://packetstormsecurity.com/files/159784/Foxit-Reader-9.7.1-Remote-Command-Execution.htmlhttps://www.exploit-db.com/exploits/48982https://www.foxitsoftware.com/support/security-bulletins.php