An authenticated privileged attacker could upload a specially crafted zip to the EspoCRM server in version 7.2.5, via the extension deployment form, which could lead to arbitrary PHP code execution.
Fixes

Solution

Users with administrator profile can load extensions and updates by design, as this is a functionality that most users use and request. It is possible to restrict exploitation of the vulnerability by enabling the "restrictedMode" option in the configuration menu.


Workaround

No workaround given by the vendor.

History

Tue, 03 Jun 2025 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: INCIBE

Published:

Updated: 2025-06-03T13:52:15.298Z

Reserved: 2023-11-06T13:18:11.772Z

Link: CVE-2023-5966

cve-icon Vulnrichment

Updated: 2024-08-02T08:14:25.144Z

cve-icon NVD

Status : Modified

Published: 2023-11-30T14:15:13.450

Modified: 2024-11-21T08:42:52.887

Link: CVE-2023-5966

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.