CVE-2020-14425

HIGH

Foxit Reader < 10.0.0 - Remote Command Execution via app.opencPDFWebPage JavaScript API


Exploitation Summary

EIP tracks 1 public exploit for CVE-2020-14425. PoCs published by Nassim Asrir.

AI-analyzed exploit summary: This is a PDF-based exploit for Foxit Reader that leverages the unsafe `app.opencPDFWebPage` JavaScript API to execute arbitrary local files, bypassing security dialogs. The PoC demonstrates command execution via `calc.exe`.

Description

Foxit Reader before 10.0 allows Remote Command Execution via the app.opencPDFWebPage JavaScript API. An attacker can execute local files and bypass the security dialog.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Nassim Asrir · local · windows
https://www.exploit-db.com/exploits/48982

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Foxit Reader before 10.0
No auth needed
Prerequisites: User interaction (opening the malicious PDF)
devstral-2 · analyzed Feb 16, 2026

References (3)

Core References
Exploit, Third Party Advisory, VDB Entry x_refsource_misc
https://www.exploit-db.com/exploits/48982

Scores

CVSS v3 7.8
EPSS 0.3943
EPSS Percentile 98.4%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

Status published
Products (1)
foxitsoftware/foxit_reader 9.7.1 - 10.0.0
Published Nov 02, 2020
Tracked Since Feb 18, 2026