PT-2023-21328 · Wondershare · Wondershare Uniconverter
Yuan Lirong
·
Published
2023-04-04
·
Updated
2025-02-13
·
CVE-2023-27761
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Wondershare UniConverter version 14.0.0
Description
An issue in Wondershare UniConverter allows a remote attacker to execute arbitrary commands via the uniconverter14 64bit setup full14204.exe file.
Recommendations
For Wondershare UniConverter version 14.0.0, consider removing or restricting access to the uniconverter14 64bit setup full14204.exe file as a temporary mitigation measure until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Untrusted Search Path
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Wondershare Uniconverter