Xunlei.Thunder.DapPlayer.ActiveX.Code.Execution
Description
There is a buffer overflow vulnerability in an ActiveX control that is part of Xunlei Web Thunder 5.6.9.344. It may allow remote attackers to execute arbitrary code via a long first argument to the DownURL2 method.
Affected Products
Xunlei Web Thunder 5.6.9.344
Impact
System compromise, remote code execution.
Recommended Actions
Currently we are not aware of any vendor supplied patches for this issue.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2020-12-11 | 16.978 |