Weintek Easybuilder Pro vulnerabilities
2 known vulnerabilities affecting weintek/easybuilder_pro.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1
Vulnerabilities
Page 1 of 1
CVE-2023-0104P3HIGHCVSS 7.8fixed in 6.07.02.480≥ 6.08.01.190, < 6.08.01.3502023-02-22
CVE-2023-0104 [HIGH] CWE-29 CVE-2023-0104: The listed versions for Weintek EasyBuilder Pro are vulnerable to a ZipSlip attack caused by decomp
The listed versions for Weintek EasyBuilder Pro are vulnerable to a ZipSlip attack caused by decompiling a malicious project file. This may allow an attacker to gain control of the user’s computer or gain access to sensitive data.
nvd
CVE-2023-5777P3CRITICALCVSS 9.8fixed in 6.07.02≥ 6.08.01.190, < 6.08.01.614+3 more2023-11-06
CVE-2023-5777 [CRITICAL] CWE-798 CVE-2023-5777: Weintek EasyBuilder Pro contains a vulnerability that, even when the private key is immediately d
Weintek EasyBuilder Pro contains a vulnerability that, even when the private key is immediately deleted after the crash report transmission is finished, the private key is exposed to the public, which could result in obtaining remote control of the crash report server.
nvd