CVE-2018-5197

Summary

A vulnerability in the ExtCommon.dll user extension module version 9.2, 9.2.1, 9.2.2 of Xplatform ActiveX could allow attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command parameters. An crafted malicious parameters could cause arbitrary command to execute.

Affected Software

VendorProductVersion RangeStatus
TOBESOFTXPLATFORM ActiveXextcommon.dll 9.2, 9.2.1, 9.2.2affected

Weaknesses

  • Command Injection

ADP Enrichment

CVE Program Container

Additional References

References