Remote Code Execution Vulnerability in Dext5 Upload ActiveX Control

Remote Code Execution Vulnerability in Dext5 Upload ActiveX Control

CVE-2019-19164 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

dext5.ocx ActiveX Control in Dext5 Upload 5.0.0.112 and earlier versions contains a vulnerability that could allow remote files to be executed by setting the arguments to the activex method. A remote attacker could induce a user to access a crafted web page, causing damage such as malicious code infection.

Learn more about our Web App Pen Testing.