The host is installed with Evernote before 6.17.7 and is prone to an arbitrary command execution vulnerability. A flaw is present in the application, which fails to handle an issue with protocol handler. Successful exploitation allows attackers to execute arbitrary commands through a specially crafted URL.