7.6 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:C/I:C/A:C
7.9 High
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
71.5%
CNet CatchUp before 1.3.1 allows attackers to execute arbitrary code via a .RVP file that creates a file with an arbitrary extension (such as .BAT), which is executed during a scan.
CPE | Name | Operator | Version |
---|---|---|---|
cnet:catchup | cnet catchup | le | 1.3 |