CVE-2022-45185

High CVSS: 8.8

An issue was discovered in SuiteCRM 7.12.7. Authenticated users can use CRM functions to upload malicious files. Then, deserialization can be used to achieve code execution.

Vendor

Salesagility

Product

Suitecrm

CWE

CWE-502

Yayın Tarihi

2025-01-07 20:15:28

Güncelleme

2025-04-15 18:38:13

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-502 Suitecrm HIGH Salesagility 2025

Referanslar

https://docs.suitecrm.com/admin/releases/7.12.x/ https://github.com/Orange-Cyberdefense/CVE-repository/ https://github.com/Orange-Cyberdefense/CVE-repository/blob/master/PoCs/poc_SuiteCRM.py https://github.com/Orange-Cyberdefense/CVE-repository/blob/master/PoCs/poc_SuiteCRM.py

Benzer Kayıtlar

High

CVE-2025-64492

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. Versions 8.9.0…

Medium

CVE-2025-64493

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. In versions 8.…

Medium

CVE-2025-64491

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. Versions 7.14.…

High

CVE-2025-64489

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. Versions 7.14.…

High

CVE-2025-64490

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. Versions 7.14.…

High

CVE-2025-64488

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. In versions 7.…