CVE-2022-45185 Information

Description

An issue was discovered in SuiteCRM 7.12.7. Authenticated users can use CRM functions to upload malicious files. Then deserialization can be used to achieve code execution.

Reference

https://docs.suitecrm.com/admin/releases/7.12.x/ https://github.com/Orange-Cyberdefense/CVE-repository/ https://github.com/Orange-Cyberdefense/CVE-repository/blob/master/PoCs/poc_SuiteCRM.py