Home

Description

An issue was discovered in SuiteCRM 7.12.7. Authenticated users can use CRM functions to upload malicious files. Then, deserialization can be used to achieve code execution.

PUBLISHED Reserved 2022-11-11 | Published 2025-01-07 | Updated 2025-01-08 | Assigner mitre

References

github.com/...VE-repository/blob/master/PoCs/poc_SuiteCRM.py exploit

docs.suitecrm.com/admin/releases/7.12.x/

github.com/Orange-Cyberdefense/CVE-repository/

github.com/...VE-repository/blob/master/PoCs/poc_SuiteCRM.py

cve.org (CVE-2022-45185)

nvd.nist.gov (CVE-2022-45185)

Download JSON

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.