Akamai.Download.Manager.ActiveX.Insecure.Parameter.Used
Description
This indicates an attempt to exploit a parameter injection vulnerability in Akamai Download Manager.
The vulnerability is caused by an input validation error in Akamai Download Manager ActiveX Control 2.2.3.5, that occurs when processing some parameters. It allows remote attackers to save a downloaded file to an arbitrary location by tricking a user into visiting a malicious web page.
Affected Products
Akamai Download Manager ActiveX Control 2.2.3.5
Impact
System Compromise: remote attackers can gain control of vulnerable systems.
Recommended Actions
Set the kill bit for CLSID "4871A87A-BFDD-4106-8153-FFDE2BAC2967".
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |