216.73.217.86

CVE-2023-53875

· Published 15/12/2025 21:15 · Modified 18/12/2025 22:35

Labels: CVE-2023-53875 2025-12-15CVE-2023-53875[email protected]

Essential information

Published
15/12/2025 21:15
Modified
18/12/2025 22:35
Author
Creator
CVSS
7.5 HIGH (v3) 7.5 HIGH (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

GOM Player 2.3.90.5360 contains a remote code execution vulnerability in its Internet Explorer component that allows attackers to execute arbitrary code through DNS spoofing. Attackers can redirect victims using a malicious URL shortcut and WebDAV technique to run a reverse shell with SMB server interaction.

NVD status

Status
Analyzed — CVE has had analysis completed and all data associations made.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
gomlab / gom player cpe:2.3:a:gomlab:gom_player:2.3.90.5360:*:*:*:*:*:*:*

References