CNNVD-202512-1122 Information

CNNVD ID

CNNVD-202512-1122

Related CVE

CVE-2021-47705

• CNNVD Published: 2025-12-09

Description (Chinese)

COMMAX UMS Client ActiveX Control是韩国COMMAX公司的一个浏览器插件。 COMMAX UMS Client ActiveX Control 1.7.0.2版本存在缓冲区错误漏洞，该漏洞源于CNC_Ctrl.dll存在堆缓冲区溢出问题，可能导致执行任意代码。

Description (English)

COMMAX UMS Company ActiveX Control is a browser plugin for COMMAX in Korea. Version 1.7.0.2 of COMMAX UMS ActiveX Control contains an error loophole in the buffer zone, which stems from the proliferation of the buffer zone in CNC Ctrl.dll and may lead to the implementation of any code.

Hazard Level

High

Vulnerability Type

缓冲区错误

Affected Vendor

COMMAX

Published

2025-12-09

Last Modified

2026-02-24

References

https://www.exploit-db.com/exploits/50232 https://www.vulncheck.com/advisories/cncctrl-dllunregisterserver-access-violation https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5664.php https://www.commax.com https://access.redhat.com/security/cve/cve-2021-47705