SoftPAC Project Version 9.6 and Prior: Unspecified DLL Path Vulnerability
CVE-2020-10616 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Opto 22 SoftPAC Project Version 9.6 and prior. SoftPAC does not specify the path of multiple imported .dll files. Therefore, an attacker can replace them and execute code whenever the service starts.
Learn more about our Web Application Penetration Testing UK.