CVE-2022-41675

A remote attacker with general user privilege can inject malicious code in the form content of Raiden MAILD Mail Server website. Other users export form content as CSV file can trigger arbitrary code execution and allow the attacker to perform arbitrary system operation or disrupt service on the user side.
References
Link Resource
https://www.twcert.org.tw/tw/cp-132-6738-b78f4-1.html Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:raidenmaild:raidenmaild:*:*:*:*:*:*:*:*

Information

Published : 2022-11-29 04:15

Updated : 2022-12-01 04:47


NVD link : CVE-2022-41675

Mitre link : CVE-2022-41675

Products Affected
No products.
CWE
CWE-1236

Improper Neutralization of Formula Elements in a CSV File