CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-27556

The Cron job tab in EasyCorp ZenTao 12.5.3 allows remote attackers (who have admin access) to execute arbitrary code by setting the type parameter to System.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.091

EPSS Ranking 92.3%

CVSS Severity

CVSS v3 Score 7.2

CVSS v2 Score 9.0

References

https://privasec.com/blog/zentao-cms-a-monkeys-journey-to-priv-esc-remote-code-execution/
https://privasec.com/blog/zentao-cms-a-monkeys-journey-to-priv-esc-remote-code-execution/

Products affected by CVE-2021-27556

Easycorp » Zentao » Version: 12.5.3

cpe:2.3:a:easycorp:zentao:12.5.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-27556

Products

Pricing

Contact Us