Siben

**Name of the Vulnerable Software and Affected Versions** mIRC versions prior to 7.55 **Description** The issue allows remote command execution through argument injection by using custom URI protocol handlers. An attacker can specify an irc:// URI to load an arbitrary .ini file from a UNC share pathname. The exploitation depends on browser-specific URI handling, with Chrome not being exploitable. **Recommendations** For versions prior to 7.55, update to version 7.55 or later to resolve the issue. As a temporary workaround, consider restricting the handling of custom URI protocols to minimize the risk of exploitation.