CVE-2024-7262

🗓️ 15 Aug 2024 14:24:44Reported by ESETType

cve🔗 web.nvd.nist.gov📰️ 5 Media mentions👁 272 Views

Improper path validation vulnerability in Kingsoft WPS Office allows arbitrary Windows library loading via deceptive spreadsheet

Reporter	Title	Published	Views	Family All 21
ATTACKERKB	CVE-2024-7262	15 Aug 202400:00	–	attackerkb
BDU FSTEC	The vulnerability of the MHTML export function in the Spreadsheet module of the WPS Office office software for Windows operating systems allows a malicious individual to perform arbitrary commands.	16 Sep 202400:00	–	bdu_fstec
Circl	CVE-2024-7262	15 Aug 202417:38	–	circl
CISA KEV Catalog	Kingsoft WPS Office Path Traversal Vulnerability	3 Sep 202400:00	–	cisa_kev
CISA	CISA Adds Three Known Exploited Vulnerabilities to Catalog	3 Sep 202412:00	–	cisa
CNNVD	Kingsoft WPS Office 路径遍历漏洞	15 Aug 202400:00	–	cnnvd
Cvelist	CVE-2024-7262 Arbitrary Code Execution in WPS Office	15 Aug 202414:24	–	cvelist
Japan Vulnerability Notes	JVN#32529796: Multiple products from KINGSOFT JAPAN vulnerable to path traversal	6 Sep 202400:00	–	jvn
Japan Vulnerability Notes	Multiple products from KINGSOFT JAPAN vulnerable to path traversal	6 Sep 202406:07	–	jvn
Tenable Nessus	Kingsoft WPS Office 12.2.0.13110 < 12.2.0.16412 Arbitrary Code Execution (CVE-2024-7262)	5 Sep 202400:00	–	nessus

NVD

Node

kingsoft wps_officeRange12.2.0.13110–12.2.0.16412

AND

microsoft windowsMatch-

[
  {
    "collectionURL": "https://www.wps.com/",
    "defaultStatus": "unknown",
    "platforms": [
      "Windows"
    ],
    "product": "WPS Office",
    "vendor": "Kingsoft",
    "versions": [
      {
        "lessThan": "12.2.0.16412",
        "status": "affected",
        "version": "12.2.0.13110",
        "versionType": "custom"
      }
    ]
  }
]