There is a buffer overflow vulnerability in an ActiveX control that is part of Xunlei Web Thunder 184.108.40.2064. It may allow remote attackers to execute arbitrary code via a long first argument to the DownURL2 method.
Xunlei Web Thunder 220.127.116.114
System compromise, remote code execution.
Currently we are not aware of any vendor supplied patches for this issue.