Windows 10 RCE: The exploit is in the link

https://positive.security/blog/ms-officecmd-rce