Vulnerability Details CVE-2022-27965
Xlpd v7.0.0094 and below contains a binary hijack vulnerability which allows attackers to execute arbitrary code via a crafted .exe file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 21.3%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 6.9
References
- https://github.com/ycdxsb/Vuln/tree/main/NetSarang-CreateProcessW-Misuse-Binary-Hijack/Xlpd-CreateProcessW-Misuse-Binary-Hijack
- https://www.netsarang.com/en/xlpd-update-history/
- https://github.com/ycdxsb/Vuln/tree/main/NetSarang-CreateProcessW-Misuse-Binary-Hijack/Xlpd-CreateProcessW-Misuse-Binary-Hijack
- https://www.netsarang.com/en/xlpd-update-history/