CVE-2023-45798
published 2023-10-30CVE-2023-45798: In Yettiesoft VestCert versions 2.36 to 2.5.29, a vulnerability exists due to improper validation of third-party modules. This allows malicious actors to load…
PriorityP258critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
0.62%
45.2th percentile
In Yettiesoft VestCert versions 2.36 to 2.5.29, a vulnerability exists due to improper validation of third-party modules. This allows malicious actors to load arbitrary third-party modules, leading to remote code execution.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| yettiesoft | vestcert | >= 2.3.6 < 2.5.30 | 2.5.30 |
| yettiesoft | vestcert | 2.3.6 – 2.5.29 | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2023-10-30
Published