Dewesoft

dewesoft

1 CVE • 1 product

Products (1)

Click to collapse

Toggle

Dewesoft

dewesoft

1 CVE

CVEs (1)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2018-7756 1Dewesoft 1Dewesoft Nov 21, 2024 Mar 15, 2018 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 RunExeFile.exe in the installer for DEWESoft X3 SP1 (64-bit) devices does not require authentication for sessions on TCP port 1999, which allows remote attackers to execute arbitrary code or access internal commands, as...Show more RunExeFile.exe in the installer for DEWESoft X3 SP1 (64-bit) devices does not require authentication for sessions on TCP port 1999, which allows remote attackers to execute arbitrary code or access internal commands, as demonstrated by a RUN command that launches a .EXE file located at an arbitrary external URL, or a "SETFIREWALL Off" command.Show less

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2018-7756

1Dewesoft

Nov 21, 2024

Mar 15, 2018

N/A· v4

9.8 CRITICAL· v3

10.0 HIGH· v2

RunExeFile.exe in the installer for DEWESoft X3 SP1 (64-bit) devices does not require authentication for sessions on TCP port 1999, which allows remote attackers to execute arbitrary code or access internal commands, as demonstrated by a RUN command that launches a .EXE file located at an arbitrary external URL, or a "SETFIREWALL Off" command.Show less