CVE-2023-3232

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-3232

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-3232.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2023-3232

Published

2023-06-14T06:15:09.080Z

Modified

2025-11-15T06:33:04.147028Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

A vulnerability was found in Zhong Bang CRMEB up to 4.6.0 and classified as critical. This issue affects some unknown processing of the file /api/wechat/app_auth of the component Image Upload. The manipulation leads to deserialization. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-231503. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

References

Affected packages

Git / github.com/crmeb/crmeb

Affected ranges

Type: GIT
Repo: https://github.com/crmeb/crmeb
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

ac1681888a43087cf073f20cf11311d9c0171b20

Affected versions

v2.*

v2.6

v2.6.0

v4.*

v4.4.2

v4.4.4

v4.6.0

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-3232.json"