exploitDog

GHSA-fqqj-qgxm-vg3x

Опубликовано: 28 апр. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

GFI MailEssentials prior to version 21.8 is vulnerable to a .NET deserialization issue. A remote and authenticated attacker can execute arbitrary code by sending crafted serialized .NET when joining to a Multi-Server setup.

GFI MailEssentials prior to version 21.8 is vulnerable to a .NET deserialization issue. A remote and authenticated attacker can execute arbitrary code by sending crafted serialized .NET when joining to a Multi-Server setup.

Ссылки

EPSS

Процентиль: 63%

0.00451

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-502

Связанные уязвимости

CVE-2025-34491

CVSS3: 8.8

nvd

10 месяцев назад

GFI MailEssentials prior to version 21.8 is vulnerable to a .NET deserialization issue. A remote and authenticated attacker can execute arbitrary code by sending crafted serialized .NET when joining to a Multi-Server setup.

EPSS

Процентиль: 63%

0.00451

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-502