CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
98.6%
VisiWaveReport.exe in AZO Technologies, Inc. VisiWave Site Survey before 2.1.9 allows user-assisted remote attackers to execute arbitrary code via a (1) vws and (2) vwr file with an invalid Type property, which triggers an untrusted pointer dereference.
Vendor | Product | Version | CPE |
---|---|---|---|
visiwave | site_survey | * | cpe:2.3:a:visiwave:site_survey:*:*:*:*:*:*:*:* |
visiwave | site_survey | 1.6.12 | cpe:2.3:a:visiwave:site_survey:1.6.12:*:*:*:*:*:*:* |
visiwave | site_survey | 2.0.12 | cpe:2.3:a:visiwave:site_survey:2.0.12:*:*:*:*:*:*:* |