CVE-2020-7806

Critical

Tobesoft Xplatform 9.2.2.250 and earlier version have an arbitrary code execution vulnerability by using method supported by Xplatform…

krcert·CWE-494·Published 2020-05-06

CVSS

9.8

EPSS

0.01

KEV

Exploits

cve.orgen

202 chars

Tobesoft Xplatform 9.2.2.250 and earlier version have an arbitrary code execution vulnerability by using method supported by Xplatform ActiveX Control. It allows attacker to cause remote code execution.

NVDen

202 chars

NVDes

235 chars

Tobesoft Xplatform versiones 9.2.2.250 y anteriores, presentan una vulnerabilidad de ejecución de código arbitraria al usar el método compatible de Xplatform ActiveX Control. Permite a un atacante causar una ejecución de código remota.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	7.5	10.0	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P
3.1	Primary	NVD	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H