Code Injection Vulnerability in DCE Install Packages
CVE-2023-37198 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
A CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability exists that could cause remote code execution when an admin user on DCE uploads or tampers with install packages.
Learn more about our User Device Pen Test.