Arbitrary Code Execution Vulnerability in EasyCorp ZenTao 12.5.3 Cron Job Tab

Arbitrary Code Execution Vulnerability in EasyCorp ZenTao 12.5.3 Cron Job Tab

CVE-2021-27556 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

The Cron job tab in EasyCorp ZenTao 12.5.3 allows remote attackers (who have admin access) to execute arbitrary code by setting the type parameter to System.

Learn more about our Web Application Penetration Testing UK.