A code execution vulnerability exists in the Login method of Sunway ForceControl YRWXls.ocx. This module runs a web server waiting for vulnerable clients (Internet Explorer 6 or 7) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
Exploit Platform
Exploit Type
Product Name