Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The helper application in Cisco AnyConnect Secure Mobility Client (formerly AnyConnect VPN Client) before 2.3.185 on Windows, and on Windows Mobile, downloads a client executable file (vpndownloader.exe) without verifying its authenticity, which allows remote attackers to execute arbitrary code via the url property to a certain ActiveX control in vpnweb.ocx, aka Bug ID CSCsy00904.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Cisco AnyConnect Secure Mobility Client helper应用程序任意代码执行漏洞
Vulnerability Description
基于Windows和Windows Mobile平台的Cisco AnyConnect Secure Mobility Client(之前名为AnyConnect VPN Client)2.3.185之前版本中的helper应用程序下载了客户端可执行文件,而未验证该文件的可靠性。远程攻击者可以通过欺骗VPN前端服务器执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A