CVE-2023-45798

Name of the Vulnerable Software and Affected Versions Yettiesoft VestCert versions 2.36 to 2.5.29

Description A vulnerability exists in Yettiesoft VestCert due to improper validation of third-party modules. This allows malicious actors to load arbitrary third-party modules, leading to remote code execution.

Recommendations For Yettiesoft VestCert versions 2.36 to 2.5.29, consider disabling the loading of third-party modules until a patch is available to prevent remote code execution. Restrict access to the module loading functionality to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.