CVE-2026-23500
CriticalSummary
Dolibarr is an enterprise resource planning (ERP) and customer relationship management (CRM) software package. In versions prior to 23.0.0, the ODT to PDF conversion process in odf.php concatenates the MAIN_ODT_AS_PDF configuration constant directly into a shell command passed to exec() without sanitization.
Risk Assessment
The risk involves the ability for an authenticated administrator to inject arbitrary OS commands, leading to remote code execution as the web server user. This poses a significant security threat to the system.
Recommendation
It is recommended to upgrade to version 23.0.0 or later to mitigate this vulnerability. Additionally, conducting a security audit to identify potential threats is advisable.
Original NVD description (English source)
Dolibarr is an enterprise resource planning (ERP) and customer relationship management (CRM) software package. In versions prior to 23.0.0 , the ODT to PDF conversion process in odf.php concatenates the MAIN_ODT_AS_PDF configuration constant directly into a shell command passed to exec() without sanitization. An authenticated administrator can inject arbitrary OS commands via this constant using command separators, achieving remote code execution as the web server user when any ODT template is generated. This issue has been fixed in version 23.0.0.

