The Qt5 application, depending on certain metadata, will automatically execute those plugins pointed by platformpluginpath as soon as they are loaded in memory.
myTest.exe -platformpluginpath C:/Path-of-library/specific
will load and execute all DLLs in the C:/Path-of-library/specific/imageformats directory.
Now this remote “share” contains an “imageformats” directory that holds a “malicious.dll” file. Now since Qt Load plugins based on the metadata so dll name does not matter.
if a user register custom URL scheme for one application in Windows, e.g.
app://. User has this application installed and URL scheme registered.
Create webpage with link to 'app://? "-platformpluginpath
When user opens such page on his PC and clicks this link your application is
started on bis machine and platform plugin is loaded from shared folder. This
platform plugin can be qwindows.dll with injected code.
There two nicely detailed article here about this potential dangerous situation: