Описание
SEPPmail through 12.1.17 allows command injection within the Admin Portal. An authenticated attacker is able to execute arbitrary code in the context of the user root.
Ссылки
- Third Party Advisory
- Product
Уязвимые конфигурации
Конфигурация 1Версия до 12.1.17 (включая)
cpe:2.3:a:seppmail:seppmail:*:*:*:*:*:*:*:*
EPSS
Процентиль: 45%
0.00223
Низкий
6 Medium
CVSS3
8.8 High
CVSS3
Дефекты
CWE-78
CWE-78
Связанные уязвимости
CVSS3: 6
github
10 месяцев назад
SEPPmail through 12.1.17 allows command injection within the Admin Portal. An authenticated attacker is able to execute arbitrary code in the context of the user root.
EPSS
Процентиль: 45%
0.00223
Низкий
6 Medium
CVSS3
8.8 High
CVSS3
Дефекты
CWE-78
CWE-78