Vulnerability Details CVE-2021-26623
A remote code execution vulnerability exists in the ark library due to an incomplete check of the parameter length value of the 'xheader_decode_path_record' function. Remote attackers can use this function to execute malicious code.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 70.9%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 7.5
Products affected by CVE-2021-26623
- cpe:2.3:a:bandisoft:bandizip:-
- cpe:2.3:a:bandisoft:bandizip:3.00
- cpe:2.3:a:bandisoft:bandizip:3.01
- cpe:2.3:a:bandisoft:bandizip:3.02
- cpe:2.3:a:bandisoft:bandizip:3.03
- cpe:2.3:a:bandisoft:bandizip:3.04
- cpe:2.3:a:bandisoft:bandizip:3.05
- cpe:2.3:a:bandisoft:bandizip:3.06
- cpe:2.3:a:bandisoft:bandizip:3.07
- cpe:2.3:a:bandisoft:bandizip:3.08
- cpe:2.3:a:bandisoft:bandizip:3.09
- cpe:2.3:a:bandisoft:bandizip:3.10
- cpe:2.3:o:microsoft:windows:-