Описание
An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. The outbox functionality of the TXT File module can be used to delete all/most files in a folder. Because the product usually runs as NT AUTHORITY\SYSTEM, the only files that will not be deleted are those currently being run by the system and/or files that have special security attributes (e.g., Windows Defender files).
Ссылки
- Vendor Advisory
- ExploitThird Party Advisory
- Vendor Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
EPSS
7.2 High
CVSS3
9 Critical
CVSS2
Дефекты
Связанные уязвимости
An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. The outbox functionality of the TXT File module can be used to delete all/most files in a folder. Because the product usually runs as NT AUTHORITY\SYSTEM, the only files that will not be deleted are those currently being run by the system and/or files that have special security attributes (e.g., Windows Defender files).
EPSS
7.2 High
CVSS3
9 Critical
CVSS2