Awingsoft.Winds3d.Command.Execution

description-logoDescription

This indicates an attack attempt against a command-execution vulnerability in the Awingsoft Awakening Winds3D Viewer plugin.
The vulnerability is caused by an error when the vulnerable software handles a malicious Winds3D scene. It allows a remote attacker to execute arbitrary command by enticing the user to visit a malicious website.

affected-products-logoAffected Products

Awingsoft Awakening Winds3D Viewer plugin 3.5.0.0, 3.0.0.5

Impact logoImpact

System compromise

recomended-action-logoRecommended Actions

Temporarily disable the affected plugin.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)