Arbitrary File Creation Vulnerability in ToWord of ToOffice
CVE-2021-26618 · CRITICAL Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
An improper input validation leading to arbitrary file creation was discovered in ToWord of ToOffice. Remote attackers use this vulnerability to execute arbitrary file included malicious code.
Learn more about our Cis Benchmark Audit For Microsoft Office.