Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2007-5322

CWE-78OS Command Injection4 documents4 sources
Severity
7.5HIGH
EPSS
34.5%
top 3.00%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Microsoft Visual Foxpro
Timeline
PublishedOct 9
Latest updateMay 1

Description

Insecure method vulnerability in the FPOLE.OCX 6.0.8450.0 ActiveX control in Microsoft Visual FoxPro 6.0 allows remote attackers to execute arbitrary programs by specifying them as an argument to the FoxDoCmd function.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-f8g8-rvj9-6xc4: Insecure method vulnerability in the FPOLE2022-05-01
CVEList
CVE-2007-5322: Insecure method vulnerability in the FPOLE2007-10-09

💥Exploits & PoCs

1
Exploit-DB
Microsoft Visual FoxPro 6.0 - 'FPOLE.OCX' Arbitrary Command Execution2007-10-09
CVE-2007-5322 (HIGH CVSS 7.5) | Insecure method vulnerability in th | cvebase.io