CVE-2019-17326

Summary

ClipSoft REXPERT 1.0.0.527 and earlier version allows remote attacker to arbitrary file deletion by issuing a HTTP GET request with a specially crafted parameter. User interaction is required to exploit this vulnerability in that the target must visit a malicious web page.

Affected Software

VendorProductVersion RangeStatus
ClipSoftREXPERT1.0.0.527 and earlieraffected

Weaknesses

  • CWE-264: Permissions, Privileges, and Access Controls (CWE-264)

ADP Enrichment

CVE Program Container

Additional References

References