o RAONwiz Co,Ltd released security update to address arbitrary file execution vulnerability in Dext5 Upload
|Arbitrary File Execution
o dext5.ocx ActiveX Control in Dext5 Upload contains a vulnerability that could allow remote files to be executed
by setting the arguments to the activex method. (CVE-2019-19164)
o A remote attacker could induce a user to access a crafted web page, causing damage such as malicious code
□ Affected Product
|dext.ocx ActiveX Control in Dext5 Upload
||184.108.40.206 and prior
o Update software over dext5.ocx ActiveX Control 220.127.116.11 version or higher.
o Thanks to Donghyun Yu for reporting this vulnerability.
□ 작성 : 침해사고분석단 취약점분석팀