Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
handysoft groupware arbitrary file download and execution vulnerability
Vulnerability Description
An arbitrary file download and execution vulnerability was found in the HShell.dll of handysoft Co., Ltd groupware ActiveX module. This issue is due to missing support for integrity check of download URL or downloaded file hash.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Vulnerability Type
缺失完整性检查支持
Vulnerability Title
Handysoft 数据伪造问题漏洞
Vulnerability Description
Handysoft是韩国HANDYSOFT(Handysoft)公司的一个用于智能办公的协作解决方案。 Handysoft 的ActiveX控件的HShell.dll存在安全漏洞,该漏洞源于缺少对下载URL或下载文件哈希完整性检查。攻击者可利用该漏洞下载和执行任意文件
CVSS Information
N/A
Vulnerability Type
N/A