← volver
CVE-2020-7841

TOBESOFT XPLATFORM arbitrary hta file execution vulnerability

CVSS 8.8 HIGHEPSS 1.5%CWE-20
Improper input validation vulnerability exists in TOBESOFT XPLATFORM which could cause arbitrary .hta file execution when the command string is begun with http://, https://, mailto://
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Productos afectados
TOBESOFT · XPLATFORM XPlatformLib922.dll

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35789