CVE-2018-14923

HIGH

Uniview EZPlayer 1.0.6 - Remote Code Execution via Video Playback

Title source: llm
STIX 2.1

Description

A vulnerability in uniview EZPlayer 1.0.6 could allow an attacker to execute arbitrary code on a targeted system via video playback.

References (1)

Core 1
Core References
Third Party Advisory x_refsource_misc
http://www.cnvd.org.cn/flaw/show/1325763

Scores

CVSS v3 7.8
EPSS 0.0141
EPSS Percentile 69.3%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE
CWE-20
Status published
Products (1)
uniview/ezplayer 1.0.6
Published Aug 03, 2018
Tracked Since Feb 18, 2026