CVE-2023-45798

Critical

In Yettiesoft VestCert versions 2.36 to 2.5.29, a vulnerability exists due to improper validation of third-party modules. This allows…

krcert·CWE-829·Published 2023-10-30

CVSS

9.8

EPSS

0.01

KEV

Exploits

cve.orgen

223 chars

In Yettiesoft VestCert versions 2.36 to 2.5.29, a vulnerability exists due to improper validation of third-party modules. This allows malicious actors to load arbitrary third-party modules, leading to remote code execution.

NVDen

223 chars

NVDes

258 chars

En Yettiesoft VestCert versiones 2.36 a 2.5.29, existe una vulnerabilidad debido a una validación incorrecta de módulos de terceros. Esto permite a actores malintencionados cargar módulos arbitrarios de terceros, lo que lleva a la ejecución remota de código.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	NVD	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3.1	Primary	cve.org	8.4	—	—	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H