| CVE ID |
CVE-2023-0104 |
| Severity |
Critical |
| Affected Vendors |
Weintek |
| Affected Products |
EasyBuilder Pro v6.07.01 and prior, EasyBuilder Pro v6.07.02.479 and prior, EasyBuilder Pro v6.08.01.349 and prior |
| Vulnerability Details |
The listed versions for Weintek EasyBuilder Pro are vulnerable to a ZipSlip attack caused by decompiling a malicious project file. This may allow an attacker to gain control of the user’s computer or gain access to sensitive data. |
| Solutions & Rules |
· Fixed in EasyBuilder Pro to v6.07.02.480, v6.08.01.350 or later |
| Credit |
Hank Chen and Mars Cheng of TXOne Networks |