Vulnerability Details CVE-2019-14551
Das Q before 2019-08-02 allows web sites to execute arbitrary code on client machines, as demonstrated by a cross-origin /install request with an attacker-controlled releaseUrl, which triggers download and execution of code within a ZIP archive.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 58.3%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
Products affected by CVE-2019-14551
-
cpe:2.3:h:daskeyboard:das_keyboard_4q:-
-
cpe:2.3:h:daskeyboard:das_keyboard_5q:-
-
cpe:2.3:h:daskeyboard:das_keyboard_x50q:-
-
cpe:2.3:o:daskeyboard:das_q_software:-
-
cpe:2.3:o:daskeyboard:das_q_software:2.0.0
-
cpe:2.3:o:daskeyboard:das_q_software:2.0.1
-
cpe:2.3:o:daskeyboard:das_q_software:2.0.2
-
cpe:2.3:o:daskeyboard:das_q_software:2.0.3
-
cpe:2.3:o:daskeyboard:das_q_software:3.0.0
-
cpe:2.3:o:daskeyboard:das_q_software:3.1.0
-
cpe:2.3:o:daskeyboard:das_q_software:3.1.1
-
cpe:2.3:o:daskeyboard:das_q_software:3.1.2
-
cpe:2.3:o:daskeyboard:das_q_software:3.2.0
-
cpe:2.3:o:daskeyboard:das_q_software:3.2.1
-
cpe:2.3:o:daskeyboard:das_q_software:3.2.2
-
cpe:2.3:o:daskeyboard:das_q_software:3.2.3
-
cpe:2.3:o:daskeyboard:das_q_software:3.2.4