Vulnerability Description
NBBDownloader.ocx ActiveX Control in Groupware contains a vulnerability that could allow remote files to be downloaded and executed by setting the arguments to the activex method. A remote attacker could induce a user to access a crafted web page, causing damage such as malicious code infection.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Douzone | Nbbdownloader.Ocx | <= 1.0.0.12 |
| Microsoft | Windows | - |
Related Weaknesses (CWE)
References
- http://help.neobizbox.com/Vendor Advisory
- https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35982Not ApplicableThird Party Advisory
- http://help.neobizbox.com/Vendor Advisory
- https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35982Not ApplicableThird Party Advisory
FAQ
What is CVE-2020-7850?
CVE-2020-7850 is a vulnerability with a CVSS score of 7.8 (HIGH). NBBDownloader.ocx ActiveX Control in Groupware contains a vulnerability that could allow remote files to be downloaded and executed by setting the arguments to the activex method. A remote attacker co...
How severe is CVE-2020-7850?
CVE-2020-7850 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-7850?
Check the references section above for vendor advisories and patch information. Affected products include: Douzone Nbbdownloader.Ocx, Microsoft Windows.