CVE-2021-26618

Summary

An improper input validation leading to arbitrary file creation was discovered in ToWord of ToOffice. Remote attackers use this vulnerability to execute arbitrary file included malicious code.

Affected Software

VendorProductVersion RangeStatus
TmaxSoft Co., LtdToOfficeunspecified <= 3.15.5affected

Weaknesses

  • CWE-20: CWE-20 Improper Input Validation

ADP Enrichment

CVE Program Container

Additional References

References