CVE-2022-4983
BaseFortify
Publication date: 2025-11-12
Last updated on: 2025-11-12
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| tec-it | tbarcode | 11.15 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-73 | The product allows user input to control or influence paths or file names that are used in filesystem operations. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in TEC-IT TBarCode version 11.15 within the TBarCode11.ocx ActiveX/OCX control's licensing handling, which is based on an INI file. An attacker can exploit this flaw to remotely create files on the host filesystem. Depending on the location and names of the files that can be created, this may allow the attacker to execute code or maintain persistence under the context of the hosting process.
How can this vulnerability impact me? :
The vulnerability can allow an attacker to write files on the affected system remotely, potentially leading to arbitrary code execution or persistence. This means an attacker could run malicious code or maintain long-term access on the system with the privileges of the hosting process, which could compromise system integrity and security.