CVE-2019-12805
NC Launcher 2 Arbitrary Command Injection Vulnerability
NCSOFT Game Launcher, NC Launcher2 2.4.1.691 and earlier versions have a vulnerability in the custom protocol handler that could allow remote attacker to execute arbitrary command. User interaction is required to exploit this vulnerability in that the target must visit a malicious web page. This can be leveraged for code execution in the context of the current user.
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Productos afectados
NCSOFT · NC Launcher2¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →