QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2023-53875

Back to search

CVE-2023-53875

Published: Dec 15, 2025

Modified: Apr 7, 2026

PUBLISHED

Description

GOM Player 2.3.90.5360 contains a remote code execution vulnerability in its Internet Explorer component that allows attackers to execute arbitrary code through DNS spoofing. Attackers can redirect victims using a malicious URL shortcut and WebDAV technique to run a reverse shell with SMB server interaction.

VendorProductVersions

Gomlab

GOM Player

affected
2.3.90.5360

Weaknesses (CWE)

CWE-319

References

GOM Lab Vendor Webpage
technical-description

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now