A zip-slip vulnerability exists in XINJE PLC Program Tool that provides an attacker with arbitrary write privileges with the permissions on the program; usually these will be administrator privileges.
Read more: From Project Files to Code Execution: Exploiting Vulnerabilities in XINJE PLC Program Tool"

Risk Information

  • CVE ID
  • CVE-2021-34605
  • Vendor
  • Product
  • XINJE PLC Program Tool
  • CVSS v3
  • 7.3