Описание
An issue was discovered in MDaemon before 20.0.4. Administrators can use Remote Administration to exploit an Arbitrary File Write vulnerability. An attacker is able to create new files in any location of the filesystem, or he may be able to modify existing files. This vulnerability may directly lead to Remote Code Execution.
Ссылки
- ExploitThird Party Advisory
- Release NotesVendor Advisory
- ExploitThird Party Advisory
- Release NotesVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 20.0.4 (исключая)
cpe:2.3:a:altn:mdaemon:*:*:*:*:*:*:*:*
EPSS
Процентиль: 89%
0.04398
Низкий
7.2 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-610
Связанные уязвимости
github
больше 3 лет назад
An issue was discovered in MDaemon before 20.0.4. Administrators can use Remote Administration to exploit an Arbitrary File Write vulnerability. An attacker is able to create new files in any location of the filesystem, or he may be able to modify existing files. This vulnerability may directly lead to Remote Code Execution.
EPSS
Процентиль: 89%
0.04398
Низкий
7.2 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-610