CVE-2023-45798

Summary

In Yettiesoft VestCert versions 2.36 to 2.5.29, a vulnerability exists due to improper validation of third-party modules. This allows malicious actors to load arbitrary third-party modules, leading to remote code execution.

Affected Software

VendorProductVersion RangeStatus
YettiesoftVestCert2.3.6 <= 2.5.29affected

Weaknesses

  • CWE-829: CWE-829 Inclusion of Functionality from Untrusted Control Sphere

ADP Enrichment

CVE Program Container

Additional References

References