Vulnerability Details CVE-2025-63685
Quark Cloud Drive v3.23.2 has a DLL Hijacking vulnerability. This vulnerability stems from the insecure loading of system libraries. Specifically, the application does not validate the path or signature of [regsvr32.exe] it loads. An attacker can place a crafted malicious DLL in the application's startup directory, which will be loaded and executed when the user launches the program.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 17.6%
CVSS Severity
CVSS v3 Score 9.8
References
Products affected by CVE-2025-63685
-
cpe:2.3:a:quark:quark_cloud_drive:3.23.2