cbcvebase.
CVE-2023-0104
published 2023-02-22

CVE-2023-0104: The listed versions for Weintek EasyBuilder Pro are vulnerable to a ZipSlip attack caused by decompiling a malicious project file. This may allow an attacker…

PriorityP353high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
EPSS
21.85%
97.3th percentile
The listed versions for Weintek EasyBuilder Pro are vulnerable to a ZipSlip attack caused by decompiling a malicious project file. This may allow an attacker to gain control of the user’s computer or gain access to sensitive data.

Affected

3 ranges
VendorProductVersion rangeFixed in
weintekeasybuilder_pro< 6.07.02.4806.07.02.480
weintekeasybuilder_pro>= 6.08.01.190 < 6.08.01.3506.08.01.350
weintekeasybuilder_pro_cmt<= 6.07.01
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.