CVE-2020-25849

MailGates and MailAudit products contain Command Injection flaw, which can be used to inject and execute system commands from the cgi parameter after attackers obtain the user’s access token.
References
Link Resource
https://www.twcert.org.tw/tw/cp-132-4118-6292c-1.html Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:openfind:mailgates:5.0:*:*:*:*:*:*:*
cpe:2.3:a:openfind:mailaudit:5.0:*:*:*:*:*:*:*
cpe:2.3:a:openfind:mailaudit:4.0:*:*:*:*:*:*:*
cpe:2.3:a:openfind:mailgates:4.0:*:*:*:*:*:*:*

Information

Published : 2020-11-01 05:15

Updated : 2020-11-13 03:39


NVD link : CVE-2020-25849

Mitre link : CVE-2020-25849

Products Affected
No products.
CWE