CVE-2022-23763
HIGHNeoRS < 2021.3.10.1 - Origin Validation Error in ActiveX Module
Title source: llmDescription
Origin validation error vulnerability in NeoRS’s ActiveX moudle allows attackers to download and execute arbitrary files. Remote attackers can use this vulerability to encourage users to access crafted web pages, causing damage such as malicious code infections.
References (1)
Core 1
Core References
Third Party Advisory x_refsource_misc
https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=66788
Scores
CVSS v3
7.8
EPSS
0.0029
EPSS Percentile
20.2%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Details
CWE
CWE-346
Status
published
Products (1)
douzone/neors
< 2021.3.10.1
Published
Jun 28, 2022
Tracked Since
Feb 18, 2026