Arbitrary Command Execution Vulnerability in Handy Groupware 1.7.3.1

Arbitrary Command Execution Vulnerability in Handy Groupware 1.7.3.1

CVE-2020-7804 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

ActiveX Control(HShell.dll) in Handy Groupware 1.7.3.1 for Windows 7, 8, and 10 allows an attacker to execute arbitrary command via the ShellExec method.

Learn more about our Web Application Penetration Testing UK.