CVE-2019-19168 | Dext5 Upload ActiveX file download and execution vulnerability2020.04.29
o RAONwiz Co,Ltd released security update to address a file download and execution vulnerability in Dext5 Upload
File download & execution
o Dext5.ocx ActiveX Control in Dext5 Upload contains a vulnerability that could allow remote attacker to download and execute arbitrary file by setting the arguments to the activex method. this can be leveraged for code execution.(CVE-2019-19168)
□ Affected Product
Dext.ocx ActiveX Control in Dext5 Upload
18.104.22.168 and prior
o Update software over Dext5.ocx ActiveX Control 22.214.171.124 version or higher.