WellinTech KingView ActiveX Multiple Arbitrary File Overwrite Vulnerabilities
Severity: Medium
Nessus Plugin ID: 70292
Synopsis: The remote host has software installed that is affected by multiple arbitrary file overwrite vulnerabilities.
Description: The WellinTech KingView KChartXY.ocx and SuperGrid.ocx ActiveX controls installed on the remote host do not properly sanitize user input, which allows an attacker to overwrite arbitrary files.
Note that Nessus has not tested for these issues, but instead checked that the ActiveX controls were present on the machine.
Solution: Install the patches or implement one of the workarounds referenced in the vendor's advisory.