CVE-2022-23763

HIGH

Douzone Neors < 2021.3.10.1 - Origin Validation Error

Title source: rule

Description

Origin validation error vulnerability in NeoRS’s ActiveX moudle allows attackers to download and execute arbitrary files. Remote attackers can use this vulerability to encourage users to access crafted web pages, causing damage such as malicious code infections.

References (1)

[Third Party Advisory] https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=66788

Scores

CVSS v3 7.8

EPSS 0.0013

EPSS Percentile 32.5%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Classification

CWE

CWE-346

Status published

Affected Products (1)

douzone/neors < 2021.3.10.1

Timeline

Published Jun 28, 2022

Tracked Since Feb 18, 2026