CVE-2018-5204 | Infraware ML Report file download and execution vulnerability2018.12.27
o Infraware release security updates to address a file download and execution vulnerability in ML Report.
File download & execution
o ML Report contains a vulnerability that could allow remote attacker to download and execute remote arbitrary file by setting the arguments to the activex method. this can be leveraged for code execution.
□ Affected Products
ML Report Enterprise
2.00.000.0000 ~ 2.18.628.5980
o Update software over ML Report 2.18.722.6228 version
□ Reference site