Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

Tea LaTex

Source -

CNA

CNA CVEs -

1

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated VendorsRelated AssignersReports
1Vulnerabilities found
CVE-2020-37012
Assigner-VulnCheck
ShareView Details
Assigner-VulnCheck
CVSS Score-9.3||CRITICAL
EPSS-0.27% / 49.67%
||
7 Day CHG~0.00%
Published-29 Jan, 2026 | 14:28
Updated-29 Jan, 2026 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tea LaTex 1.0 - Remote Code Execution

Tea LaTex 1.0 contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary shell commands through the /api.php endpoint. Attackers can craft a malicious LaTeX payload with shell commands that are executed when processed by the application's tex2png API action.

Action-Not Available
Vendor-ammarfaizi2
Product-Tea LaTex
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')