CVE-2018-25357 – Dolibarr ERP CRM

CVSS 9.8 CRITICAL

“A remote code execution bug in business software can turn financial and operational systems into an attacker foothold.”

Dolibarr released a patch for a critical vulnerability in Dolibarr ERP CRM, tracked as CVE-2018-25357. It has a CVSS score of 9.8 (Critical).

The vulnerability stems from improper control of code generation and execution (CWE-94), which could allow remote code execution through crafted input. Public proof-of-concept code is available. The update strengthens input validation and execution protections to reduce the risk of attackers gaining unauthorized control over affected ERP and CRM environments.

Key Details

Affected Product: Dolibarr ERP/CRM
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
CWE Classification: CWE-94