Mirc · Mirc · CVE-2019-6453
**Name of the Vulnerable Software and Affected Versions**
mIRC versions prior to 7.55
**Description**
The issue allows remote command execution through argument injection by using custom URI protocol handlers. An attacker can specify an irc:// URI to load an arbitrary .ini file from a UNC share pathname. The exploitation depends on browser-specific URI handling, with Chrome not being exploitable.
**Recommendations**
For versions prior to 7.55, update to version 7.55 or later to resolve the issue. As a temporary workaround, consider restricting the handling of custom URI protocols to minimize the risk of exploitation.