SoftPAC Project Version 9.6 and Prior: Unspecified DLL Path Vulnerability

SoftPAC Project Version 9.6 and Prior: Unspecified DLL Path Vulnerability

CVE-2020-10616 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Opto 22 SoftPAC Project Version 9.6 and prior. SoftPAC does not specify the path of multiple imported .dll files. Therefore, an attacker can replace them and execute code whenever the service starts.

Learn more about our Web Application Penetration Testing UK.