CVE-2023-34207
CVSS V2 None
CVSS V3 None
Description
Unrestricted upload of file with dangerous type vulnerability in create template function in EasyUse MailHunter Ultimate 2023 and earlier allows remote authenticated users to perform arbitrary system commands with ‘NT Authority\SYSTEM‘ privilege via a crafted ZIP archive.
Overview
- CVE ID
- CVE-2023-34207
- Assigner
- ZUSO ART
- Vulnerability Status
- PUBLISHED
- Published Version
- 2023-10-17T03:35:35.535Z
- Last Modified Date
- 2023-10-17T03:35:35.535Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://zuso.ai/Advisory/ZA-2023-04 | third-party-advisory |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2023-34207 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34207 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-06-25 20:43:51 | Added to TrackCVE |