CVE-2020-7810

Summary

hslogin2.dll ActiveX Control in Groupware contains a vulnerability that could allow remote files to be downloaded and executed by setting the arguments to the activex method. This is due to a lack of integrity verification of the policy files referenced in the update process, and a remote attacker could induce a user to crafted web page, causing damage such as malicious code infection.

Affected Software

VendorProductVersion RangeStatus
Handysoft, Inc.hslogin2.dllunspecified <= 6.7.8.4affected
Handysoft, Inc.hslogin2.dllunspecified <= 7.3.4affected

Weaknesses

  • CWE-353: CWE-353 Missing Support for Integrity Check

ADP Enrichment

CVE Program Container

Additional References

References