Arbitrary File Download and Code Execution Vulnerability in Dext5.ocx ActiveX 5.0.0.116 and Earlier Versions

Arbitrary File Download and Code Execution Vulnerability in Dext5.ocx ActiveX 5.0.0.116 and Earlier Versions

CVE-2019-19169 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Dext5.ocx ActiveX 5.0.0.116 and eariler versions contain a vulnerability, which could allow remote attacker to download arbitrary file by setting the arguments to the activex method. This can be leveraged for code execution.

Learn more about our Web Application Penetration Testing UK.