본문내용 바로가기 메인메뉴 바로가기

하단내용 바로가기

Security Advisory (Korean)

Security Advisory Detail
CVE-2018-5203 | Devpia DEXTUploadX5 file download and execution vulnerability2018.12.27
□ Overview
o Devpia release security updates to address a file download and execution vulnerability in DEXTUploadX5.
Vulnerability type Impact Severity CVE ID
File download & execution code execution Critical CVE-2018-5203

□ Description
o DEXTUploadX5 contains a vulnerability that could allow remote attacker to download and execute remote arbitrary file by setting the arguments to the activex method. this can be leveraged for code execution.

□ Affected Products
Product Version
DEXTUploadX5 1.0.0.0 ~ 2.2.0.0

□ Solution
o Update software over DEXTUploadX5 2.2.1.0 version

□ Reference site
o https://www.dextsolution.com/product/uploadX5_01.aspx