Vulnerabilities > CVE-2019-19164 - Unspecified vulnerability in Raonwiz Dext5 2.7

CVSS 8.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

raonwiz

NVD

Published: 2020-05-07

Updated: 2021-10-29

Summary

dext5.ocx ActiveX Control in Dext5 Upload 5.0.0.112 and earlier versions contains a vulnerability that could allow remote files to be executed by setting the arguments to the activex method. A remote attacker could induce a user to access a crafted web page, causing damage such as malicious code infection.

Vulnerable Configurations

Part	Description	Count
Application	Raonwiz Raonwiz Dext5 2.7	1
Application	Microsoft Microsoft Activex *	1

References

https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35344
http://www.dext5.com/page/support/notice_view.aspx?pSeq=23