🔐 CVE Alert

CVE-2023-53875

UNKNOWN 0.0

GOM Player 2.3.90.5360 Remote Code Execution via Insecure IE Component

CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th

GOM Player 2.3.90.5360 contains a remote code execution vulnerability in its Internet Explorer component that allows attackers to execute arbitrary code through DNS spoofing. Attackers can redirect victims using a malicious URL shortcut and WebDAV technique to run a reverse shell with SMB server interaction.

CWE CWE-319
Vendor gomlab
Product gom player
Published Dec 15, 2025
Last Updated Apr 7, 2026
Stay Ahead of the Next One

Get instant alerts for gomlab gom player

Be the first to know when new unknown vulnerabilities affecting gomlab gom player are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Gomlab / GOM Player
2.3.90.5360

References

NVD ↗ CVE.org ↗ EPSS Data ↗
exploit-db.com: https://www.exploit-db.com/exploits/51719 gomlab.com: https://www.gomlab.com/ vulncheck.com: https://www.vulncheck.com/advisories/gom-player-remote-code-execution-via-insecure-ie-component

Credits

M. Akil Gündoğan