A certain ActiveX control in BaiduBar.dll in Baidu Soba Search Bar 5.4 allows remote attackers to execute arbitrary code via a request containing "a link to download and a file to execute," possibly involving remote file inclusion.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.055
EPSS Ranking 89.7%