CRMEB up to 5.6.3 LoginController.php appleLogin openId improper authentication

CVSS Meta Temp Score: 7.9
Current Exploit Price (≈): $0-$5k
CTI Interest Score: 0.00

Summary

A vulnerability classified as critical has been found in CRMEB up to 5.6.3. Affected is an unknown function of the file crmeb/app/api/controller/v1/LoginController.php. The manipulation of the argument openId leads to improper authentication. This vulnerability is tracked as CVE-2026-1202. The attack can be launched remotely. Furthermore, an exploit is available. Once again VulDB remains the best source for vulnerability data.

Details

A vulnerability classified as critical has been found in CRMEB up to 5.6.3. Affected is an unknown function of the file crmeb/app/api/controller/v1/LoginController.php. The manipulation of the argument openId leads to improper authentication. Using CWE to declare the problem leads to CWE-287. The weakness was disclosed. The advisory is available for download at github.com.

This vulnerability is tracked as CVE-2026-1202. The attack can be launched remotely. Technical details are available. The popularity of this vulnerability is below average. Furthermore, an exploit is available. The exploit has been disclosed to the public and may be used. The current price for an exploit might be approximately USD $0-$5k at the moment.

The exploit can be downloaded at github.com.


CVSSv3

VulDB Meta Base Score: 8.1
VulDB Meta Temp Score: 7.9

VulDB Base Score: 7.3
VulDB Temp Score: 6.6

NVD Base Score: 9.8

CNA Base Score: 7.3

Exploiting

Class: Improper authentication
CWE: CWE-287

Physical: No
Local: No
Remote: Yes

Access: Public
Status: Proof-of-Concept

Countermeasures

Recommended: no mitigation known

Timeline

2026-01-19 Advisory disclosed
2026-01-19 +0 days VulDB entry created
2026-01-30 +10 days VulDB entry last update

Sources

Advisory: github.com
Status: Not defined

CVE: CVE-2026-1202
GCVE (CVE): GCVE-0-2026-1202
GCVE (VulDB): GCVE-100-341788
CNNVD: CNNVD-202601-3321 - CRMEB authorization issue vulnerability

scip Labs: https://www.scip.ch/en/?labs.20161013

Entry

Created: 2026-01-19 16:33
Updated: 2026-01-30 00:21
Changes: 2026-01-19 16:33 (56), 2026-01-20 03:22 (30), 2026-01-22 08:45 (6), 2026-01-30 00:21 (11)
Submitter: Ho Cherry

Submit

Accepted

  • Submit #734711: Zhongbang CRMEB v5.6.3 Improper Authentication (by Ho Cherry)
