exploitDog

GHSA-6xj8-67w9-54rv

Опубликовано: 03 апр. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 6.7

Описание

An issue was discovered in Axigen Mail Server for Windows versions 10.5.18 and before, allows local low-privileged attackers to execute arbitrary code and escalate privileges via insecure DLL loading from a world-writable directory during service initialization.

An issue was discovered in Axigen Mail Server for Windows versions 10.5.18 and before, allows local low-privileged attackers to execute arbitrary code and escalate privileges via insecure DLL loading from a world-writable directory during service initialization.

Ссылки

EPSS

Процентиль: 31%

0.00118

Низкий

6.7 Medium

CVSS3

CVE ID

Дефекты

CWE-732

Связанные уязвимости

CVE-2024-28589

CVSS3: 6.7

nvd

почти 2 года назад

An issue was discovered in Axigen Mail Server for Windows versions 10.5.18 and before, allows local low-privileged attackers to execute arbitrary code and escalate privileges via insecure DLL loading from a world-writable directory during service initialization.

EPSS

Процентиль: 31%

0.00118

Низкий

6.7 Medium

CVSS3

CVE ID

Дефекты

CWE-732