exploitDog

CVE-2022-25356

Опубликовано: 05 апр. 2022

Источник: nvd

CVSS3: 5.3

CVSS2: 5

EPSS Высокий

Описание

Alt-N MDaemon Security Gateway through 8.5.0 allows SecurityGateway.dll?view=login XML Injection.

Ссылки

https://www.altn.com/Products/SecurityGateway-Email-Firewall/
Product
https://www.swascan.com/security-advisory-alt-n-security-gateway/
Exploit
Patch
Third Party Advisory
https://www.swascan.com/security-blog/
Product
https://www.altn.com/Products/SecurityGateway-Email-Firewall/
Product
https://www.swascan.com/security-advisory-alt-n-security-gateway/
Exploit
Patch
Third Party Advisory
https://www.swascan.com/security-blog/
Product
https://www.tinextacyber.com/security-advisory-alt-n-security-gataway-cve-2022-25356/

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:altn:securitygateway:*:*:*:*:*:*:*:*

Версия от 2.1.0 (включая) до 8.5.0 (включая)

EPSS

Процентиль: 99%

0.72874

Высокий

5.3 Medium

CVSS3

5 Medium

CVSS2

Дефекты

CWE-91

CWE-91

Связанные уязвимости

GHSA-hp7c-9qj5-xcrq

CVSS3: 5.3

github

почти 4 года назад

ALIN MDaemon Security Gateway through 8.5.0 allows XML Injection.

EPSS

Процентиль: 99%

0.72874

Высокий

5.3 Medium

CVSS3

5 Medium

CVSS2

Дефекты

CWE-91

CWE-91