eRoom 6.x does not properly restrict files that can be attached, which allows remote attackers to execute arbitrary commands via a .lnk file.
Threat-Mapped Scoring
Score: 0.0
Priority: Unclassified
EPSS
Score: 0.00904
Percentile:
0.74761
CVSS Scoring
CVSS v2 Score: 7.5
Severity:
Affected Products
- cpe:2.3:a:emc:eroom:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:emc:eroom:6.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:emc:eroom:6.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:emc:eroom:6.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:emc:eroom:6.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:emc:eroom:6.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:emc:eroom:6.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:emc:eroom:6.0.7:*:*:*:*:*:*:*
← Back to Home