Security Advisory

CVE-2020-37012

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-01-29 14:28:31

Last updated 2026-01-29 16:48:14

Assigner VulnCheck

State PUBLISHED

Description

Tea LaTex 1.0 contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary shell commands through the /api.php endpoint. Attackers can craft a malicious LaTeX payload with shell commands that are executed when processed by the applications tex2png API action.

← Browse all CVEs View on cve.org ↗