← back
CVE-2020-7803

Zoneplayer ActiveX File Download Vulnerability

CVSS 7.8 HIGHEPSS 1.2%CWE-20
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 7.8EPSS 1.2%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
07 May 2020Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
IMGTech Co,Ltd ZInsX.ocx ActiveX Control in Zoneplayer 2.0.1.3, version 2.0.1.4 and prior versions on Windows. File Donwload vulnerability in ZInsX.ocx of IMGTech Co,Ltd Zoneplayer allows attacker to cause arbitrary code execution.
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected products
IMGTech Co,Ltd · Zoneplayer

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35346http://www.zoneplayer.co.kr/