CVE-2017-10815

HIGH

MaLion for Windows/Mac <=5.2.1 - Unauthenticated Remote Command Execution

Title source: llm

Description

MaLion for Windows 5.2.1 and earlier (only when "Remote Control" is installed) and MaLion for Mac 4.0.1 to 5.2.1 (only when "Remote Control" is installed) allow remote attackers to bypass authentication to execute arbitrary commands or operations on Terminal Agent.

References (2)

Core 2

Core References

Vendor Advisory x_refsource_misc

http://www.intercom.co.jp/information/2017/0801.html

Third Party Advisory, VDB Entry x_refsource_misc

https://jvn.jp/en/vu/JVNVU91587298/index.html

Scores

CVSS v3 8.1

EPSS 0.0234

EPSS Percentile 81.5%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-287

Status published

Products (3)

intercom/malion < 5.2.1 (2 CPE variants)

Intercom, Inc./MaLion for Mac 4.0.1 to 5.2.1 (only when "Remote Control" is installed)

Intercom, Inc./MaLion for Windows 5.2.1 and earlier (only when "Remote Control" is installed)

Published Aug 04, 2017

Tracked Since Feb 18, 2026