CVE-2020-7875

High

DEXT5 Upload 5.0.0.117 and earlier versions contain a vulnerability, which could allow remote attacker to download and execute remote file…

krcert·CWE-494·Published 2021-10-28

CVSS

8.8

EPSS

0.01

KEV

Exploits

cve.orgen

237 chars

DEXT5 Upload 5.0.0.117 and earlier versions contain a vulnerability, which could allow remote attacker to download and execute remote file by setting the argument, variable in the activeX module. This can be leveraged for code execution.

NVDen

237 chars

NVDes

271 chars

DEXT5 Upload versiones 5.0.0.117 y anteriores, contienen una vulnerabilidad, que podría permitir a un atacante remoto descargar y ejecutar un archivo remoto al configurar el argumento, variable en el módulo activeX. Esto puede ser aprovechado para una ejecución de código

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	6.8	8.6	6.4	AV:N/AC:M/Au:N/C:P/I:P/A:P
3.1	Primary	NVD	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H