Описание
In Yettiesoft VestCert versions 2.36 to 2.5.29, a vulnerability exists due to improper validation of third-party modules. This allows malicious actors to load arbitrary third-party modules, leading to remote code execution.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 2.3.6 (включая) до 2.5.30 (исключая)
cpe:2.3:a:yettiesoft:vestcert:*:*:*:*:*:*:*:*
EPSS
Процентиль: 74%
0.00809
Низкий
8.4 High
CVSS3
9.8 Critical
CVSS3
Дефекты
CWE-829
CWE-829
Связанные уязвимости
CVSS3: 8.4
github
больше 2 лет назад
In Yettiesoft VestCert versions 2.36 to 2.5.29, a vulnerability exists due to improper validation of third-party modules. This allows malicious actors to load arbitrary third-party modules, leading to remote code execution.
EPSS
Процентиль: 74%
0.00809
Низкий
8.4 High
CVSS3
9.8 Critical
CVSS3
Дефекты
CWE-829
CWE-829