Arbitrary Code Execution Vulnerability in Tobesoft Xplatform ActiveX Control

Arbitrary Code Execution Vulnerability in Tobesoft Xplatform ActiveX Control

CVE-2020-7806 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tobesoft Xplatform 9.2.2.250 and earlier version have an arbitrary code execution vulnerability by using method supported by Xplatform ActiveX Control. It allows attacker to cause remote code execution.

Learn more about our Web Application Penetration Testing UK.