exploitDog

CVE-2022-41675

Опубликовано: 29 нояб. 2022

Источник: nvd

CVSS3: 8

EPSS Низкий

Описание

A remote attacker with general user privilege can inject malicious code in the form content of Raiden MAILD Mail Server website. Other users export form content as CSV file can trigger arbitrary code execution and allow the attacker to perform arbitrary system operation or disrupt service on the user side.

Ссылки

https://www.twcert.org.tw/tw/cp-132-6738-b78f4-1.html
Third Party Advisory
https://www.twcert.org.tw/tw/cp-132-6738-b78f4-1.html
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:raidenmaild:raidenmaild:*:*:*:*:*:*:*:*

Версия до 4.7.4 (исключая)

EPSS

Процентиль: 78%

0.01148

Низкий

8 High

CVSS3

Дефекты

CWE-1236

CWE-1236

Связанные уязвимости

GHSA-42pg-83vp-h57g

CVSS3: 8

github

около 3 лет назад

A remote attacker with general user privilege can inject malicious code in the form content of Raiden MAILD Mail Server website. Other users export form content as CSV file can trigger arbitrary code execution and allow the attacker to perform arbitrary system operation or disrupt service on the user side.

EPSS

Процентиль: 78%

0.01148

Низкий

8 High

CVSS3

Дефекты

CWE-1236

CWE-1236