Critical severity9.6NVD Advisory· Published Aug 6, 2020· Updated Jun 17, 2026
CVE-2020-7361
CVE-2020-7361
Description
The EasyCorp ZenTao Pro application suffers from an OS command injection vulnerability in its '/pro/repo-create.html' component. After authenticating to the ZenTao dashboard, attackers may construct and send arbitrary OS commands via the POST parameter 'path', and those commands will run in an elevated SYSTEM context on the underlying Windows operating system.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: 8.8.2
Patches
Vulnerability mechanics
References
1- github.com/rapid7/metasploit-framework/pull/13828nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.