Browse all 7 CVE security advisories affecting zorem. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Zorem is a network monitoring solution primarily deployed for infrastructure visibility and performance analysis. Historically, vulnerabilities have included remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from insufficient input validation and access controls. The product has faced multiple critical vulnerabilities affecting its web interface and API endpoints, with several instances allowing unauthenticated attackers to execute arbitrary commands or access sensitive system information. While no major public security incidents have been widely documented, the consistent presence of high-severity flaws in its CVE history suggests ongoing challenges in secure development practices, particularly in input handling and authentication mechanisms.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2021-4347 | Advanced Shipment Tracking for WooCommerce <= 3.2.6 - Authenticated WordPress Options Change — Advanced Shipment Tracking for WooCommerceCWE-862 | 9.9 | Critical | 2023-06-07 |
| CVE-2022-41635 | WordPress Advanced Shipment Tracking for WooCommerce Plugin <= 3.5.2 is vulnerable to Cross Site Request Forgery (CSRF) — Advanced Shipment Tracking for WooCommerceCWE-352 | 4.3 | Medium | 2023-05-25 |
This page lists every published CVE security advisory associated with zorem. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.