CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-44827

An issue in ZenTao Community Edition v.18.6 and before, ZenTao Biz v.8.6 and before, ZenTao Max v.4.7 and before allows an attacker to execute arbitrary code via a crafted script to the Office Conversion Settings function.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 48.7%

CVSS Severity

CVSS v3 Score 8.8

References

https://spotted-topaz-6aa.notion.site/Zentao-Authorized-Remote-Code-Execution-Vulnerability-CVE-2023-44827-be731cbe8607496cae35c08cb9ba2436
https://spotted-topaz-6aa.notion.site/Zentao-Authorized-Remote-Code-Execution-Vulnerability-CVE-2023-44827-be731cbe8607496cae35c08cb9ba2436

Products affected by CVE-2023-44827

Easycorp » Zentao » Version: N/A

cpe:2.3:a:easycorp:zentao:-
Easycorp » Zentao » Version: 18.6

cpe:2.3:a:easycorp:zentao:18.6
Easycorp » Zentao Biz » Version: N/A

cpe:2.3:a:easycorp:zentao_biz:-
Easycorp » Zentao Biz » Version: 8.6

cpe:2.3:a:easycorp:zentao_biz:8.6
Easycorp » Zentao Max » Version: N/A

cpe:2.3:a:easycorp:zentao_max:-
Easycorp » Zentao Max » Version: 4.7

cpe:2.3:a:easycorp:zentao_max:4.7

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-44827

Products

Pricing

Contact Us