# Exploit Title: GOM Player 2.3.90.5360 - Remote Code Execution (RCE)# Date: 26.08.2023# Author: M. Akil Gündoğan# Contact: https://twitter.com/akilgundogan# Vendor Homepage: https://www.gomlab.com/gomplayer-media-player/# Software Link: https://cdn.gomlab.com/gretech/player/GOMPLAYERGLOBALSETUP_NEW.EXE# Version: 2.3.90.5360 # Tested on: Windows 10 Pro x64 22H2 19045.3324# PoC Video: https://www.youtube.com/watch?v=8d0YUpdPzp8# Impacts: GOM player has been downloaded 63,952,102 times according to CNET. It is used by millions