CVE-2020-7846
8
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Summary
Helpcom before v10.0 contains a file download and execution vulnerability caused by storing hardcoded cryptographic key. It finally leads to a file download and execution via access to crafted web page.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Cnesty | Helpcom | < 10.0 | affected |
Weaknesses
- CWE-321: CWE-321 Use of Hard-coded Cryptographic Key
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.