CVE-2020-7850

NBBDownloader.ocx ActiveX Control in Groupware contains a vulnerability that could allow remote files to be downloaded and executed by setting the arguments to the activex method. A remote attacker could induce a user to access a crafted web page, causing damage such as malicious code infection.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:douzone:nbbdownloader.ocx:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

History

21 Nov 2024, 05:37

Type Values Removed Values Added
References () http://help.neobizbox.com/ - Vendor Advisory () http://help.neobizbox.com/ - Vendor Advisory
References () https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35982 - Not Applicable, Third Party Advisory () https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35982 - Not Applicable, Third Party Advisory

Information

Published : 2021-03-29 16:15

Updated : 2024-11-21 05:37


NVD link : CVE-2020-7850

Mitre link : CVE-2020-7850

CVE.ORG link : CVE-2020-7850


JSON object : View

Products Affected

douzone

  • nbbdownloader.ocx

microsoft

  • windows
CWE
CWE-88

Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')