×

SOLUTIONS

MRZ Scanner

PRODUCTS

MRZ Scanner

See All Products

DEMOS

MRZ Scanner Web Demo

See All Demos

BOOK A SALES MEETING

DEVELOPERS

VISIT DEVELOPER CENTER

COMPANY

CONTACT US

DOWNLOAD 30-DAY FREE TRIAL

PRICING

USE CASES

ID Scanning

Inventory Management

Client Onboarding

MRZ Scanner

INDUSTRIES

Financial Services

Manufacturing

Logistics

Retail

Healthcare

Solutions

See All Solutions

DOCUMENT CAPTURE SDKS

Dynamic Web TWAIN

Cross-browser scanner SDK

Mobile Web Capture

Captures images of documents from mobile cameras

BARCODE SCANNING SDKS

Barcode Reader for Web

Barcode Reader for Mobile

for native apps

Barcode Reader for Server/Desktop

C / C++ / .NET / Python / Java

Customize for Batch Scanning

INTELLIGENT OCR SDKS

MRZ Scanner

for passports, ID cards See All Products

DOCUMENT CAPTURE

Scan Documents from Scanners

Capture Documents from Cameras in Mobile Browsers

View and Annotate PDF

BARCODE SCANNING

Scan Barcodes from Video

Scan Barcodes from Images

Scan Barcodes on iOS

[Mobile Native]

Scan Barcodes on Android

[Mobile Native]

INTELLIGENT OCR

MRZ Scanner Web Demo

BOOK A SALES MEETING

Request Trial License

Try Online Demo

Download Trial SDK

Documentation

GitHub Repo

Dev Blog

Developer center

Developer Center

Contact Us

About Us

News

Awards

Customer Stories

Customer Support

Blog

Partner Program

Customer Stories

Security Bulletin: Security vulnerability in Dynamic Web TWAIN

Summary:

Due to an issue in the client-side Dynamsoft Service component in Dynamic Web TWAIN, there is a risk that malicious code could be executed remotely. This bulletin identifies the steps to take to address the vulnerability.

Affected Products and Versions:

Dynamsoft Service 1.8.x before 1.8.2014, Dynamsoft Service 1.7.x before 1.7.4212, Dynamsoft Service 1.6.x before 1.6.3212, Dynamsoft Service 1.5.x before 1.5.31212, Dynamsoft Service 1.4.x before 1.4.3212, Dynamsoft Service 1.0.516 through 1.3.0115

Vulnerability Details:

Due to inadequate verification processes in the client-side component of the Dynamsoft Service module of Dynamsoft Dynamic Web TWAIN, there is a risk that malicious code could be remotely executed. This vulnerability poses a potential threat to the security of end-user machines.

Remediation/Fixes:

We strongly recommend all users upgrade for all affected products/versions above by installing the fix here. The update addresses the vulnerability and significantly reduces the risk of exploitation.