CVE-2023-3234

CVSS Score of 10 (low)

Details

Published Jun 14, 2023
Updated: May 17, 2024
CWE ID 502

Summary

A vulnerability with the CVE ID CVE-2023-3234 has been discovered in Zhong Bang CRMEB up to version 4.6.0. The vulnerability lies in the put_image function of the file api/controller/v1/PublicController.php, which can be exploited remotely through manipulation leading to deserialization. The exploit has been made public and may be used by attackers. The affected products include p_RpRP, jDIckb, jDIcka, tz5N1c, p_RpRY, p_RpRZ, jDIckc, p_RpRa, p_RpRU, p_RpRV, p_RpRW, p_RpRX, p_RpRQ, p_RpRR, p_RpRS, f3LUfU and p_RpRT. Remediation steps have not been provided in the available information. This vulnerability poses a potential danger to organizations as it has a high base severity rating of 9.8 (out of 10) and can impact confidentiality and integrity.

Share

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-3234 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options