PT-2025-1369 · Suitecrm · Suitecrm

Jrjgjk

Published 2025-01-07 · Updated 2025-04-16 · CVE-2022-45185

CVSS v3.1

8.8 High

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

SuiteCRM version 7.12.7

Description

A problem was discovered in SuiteCRM where authenticated users can use CRM functions to upload malicious files. Then, deserialization can be used to achieve code execution.

Recommendations

For SuiteCRM version 7.12.7, consider disabling file upload functionality through CRM functions until a patch is available. Restrict access to deserialization functions to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Deserialization of Untrusted Data

Weakness Enumeration

Related Identifiers

BIT-SUITECRM-2022-45185
CVE-2022-45185

Affected Products

Suitecrm