QwikSec

Security Database

CVE

CWE

Training

CVE-2022-4983

Published: Nov 12, 2025

Modified: Nov 13, 2025

PUBLISHED

Description

TEC-IT TBarCode version 11.15 contains a vulnerability in the TBarCode11.ocx ActiveX/OCX control's licensing handling (INI-file based) that can be abused to cause remote creation of files on the host filesystem. Depending on where files can be created and which filenames are allowed, this can allow attackers to write files that lead to code execution or persistence under the context of the hosting process.

Vendor	Product	Versions
TEC-IT Datenverarbeitung GmbH, Austria	TEC-IT TBarCode	affected `11.15`

Weaknesses (CWE)

References

https://www.tec-it.com/en/software/barcode-software/tbarcode/history/v10/Default.aspx

release-notes

patch

https://www.vulncheck.com/advisories/tec-it-tbarcode-sdk-remote-file-create

third-party-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.