{"id":"CVE-2024-24202","details":"An arbitrary file upload vulnerability in /upgrade/control.php of ZenTao Community Edition v18.10, ZenTao Biz v8.10, and ZenTao Max v4.10 allows attackers to execute arbitrary code via uploading a crafted .txt file.","modified":"2026-04-10T05:09:47.119361Z","published":"2024-02-08T05:15:08.593Z","references":[{"type":"EVIDENCE","url":"https://clammy-blizzard-8ef.notion.site/Zentao-PMS-Authorized-Remote-Code-Execution-Vulnerability-1077a870c92848e18fe0c139c4fc2176"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/easysoft/zentaopms","events":[{"introduced":"0"},{"last_affected":"86a7dce86c26379c0f7588fe333f11d61c85b21d"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"18.10"}]}}],"versions":["zentao_11.2_build1_20190128","zentaopms_10.1_20180716","zentaopms_10.3.1_20180907","zentaopms_10.3_20170809","zentaopms_10.4.stable_20180928","zentaopms_10.5.1_20181105","zentaopms_10.6.stable_20181120","zentaopms_11.0.stable_20181221","zentaopms_11.1.stable_20190104","zentaopms_11.4.stable_20190325","zentaopms_11.5.stable_20190508","zentaopms_11.6.0.beta1_20190705","zentaopms_11.6.1_20190823","zentaopms_11.6.2_20190906","zentaopms_11.6.3_20190924","zentaopms_11.6.4_20191017","zentaopms_11.7.stable_20191129","zentaopms_12.0.stable_20200103","zentaopms_12.3.2_20200601","zentaopms_12.3.3_20200707","zentaopms_13.0._20201022","zentaopms_13.0.alpha1_20201103","zentaopms_13.0.alpha2_20201123","zentaopms_13.0.beta1_20201201","zentaopms_13.0.beta4_20210202","zentaopms_13.beta2_20201218","zentaopms_15.0.1_20210606","zentaopms_15.2_20210720","zentaopms_15.3_20210804","zentaopms_15.4_20210823","zentaopms_15.5_20210914","zentaopms_15.7.1_20211102","zentaopms_15.8_20211122","zentaopms_16.0","zentaopms_16.0.beta1","zentaopms_16.0.beta1_20211207","zentaopms_16.2","zentaopms_16.3","zentaopms_16.4","zentaopms_16.5.beta1","zentaopms_17.0","zentaopms_17.1","zentaopms_17.6","zentaopms_17.6.2","zentaopms_17.7","zentaopms_17.8","zentaopms_18.0.beta1","zentaopms_18.0.beta2","zentaopms_18.1","zentaopms_18.10","zentaopms_18.3","zentaopms_18.4","zentaopms_18.4.alpha1","zentaopms_18.4.beta1","zentaopms_18.5","zentaopms_18.6","zentaopms_18.8","zentaopms_20.0._20201022","zentaopms_20.0.alpha1_20201103","zentaopms_20.0.alpha2_20201123","zentaopms_20.0.alpha_20201030_1","zentaopms_20.0.beta1_20201201","zentaopms_20.0.beta4_20210202","zentaopms_20.beta2_20201218","zentaopms_4.3.beta_20130805","zentaopms_5.0.beta1_20130809","zentaopms_6.0.beta1_20140503","zentaopms_6.0.stable_20140625","zentaopms_6.1.stable_20140805","zentaopms_6.1.stable_20140806","zentaopms_6.2.stable_20140827","zentaopms_6.3.stable_20141107","zentaopms_6.4.stable_20141223","zentaopms_7.0.stable_20150206","zentaopms_7.1.stable_20150317","zentaopms_7.2.4_20150703","zentaopms_7.2.5_20150807","zentaopms_7.2.stable_20150525","zentaopms_7.3.stable_20150918","zentaopms_8.0.1_20151224","zentaopms_8.0.stable_20151127","zentaopms_8.1.3_20160323","zentaopms_8.1.stable_20160315","zentaopms_8.2.1_20160524","zentaopms_8.2.2_20160608","zentaopms_8.2.3_20160624","zentaopms_8.2.4_20160628","zentaopms_8.2.5_20160805","zentaopms_8.2.6_20160913","zentaopms_8.2.beta_20160504","zentaopms_8.2.stable_20160517","zentaopms_8.3.4_20160628","zentaopms_8.3.stable_20161109","zentaopms_8.4.1_20161212","zentaopms_8.4.stable_20161206","zentaopms_9.0.1_20170215","zentaopms_9.0.stable_20170117","zentaopms_9.1.1_20170410","zentaopms_9.1.2_20170419","zentaopms_9.2.1_20170522","zentaopms_9.2.stable_20170516","zentaopms_9.3.beta_20170627","zentaopms_9.4_20170726","zentaopms_9.5.1_20170927","zentaopms_9.6.1_20171113","zentaopms_9.6_20171106"],"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"8.10"}]},{"events":[{"introduced":"0"},{"last_affected":"4.10"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-24202.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}