exploitDog

CVE-2024-6744

Опубликовано: 15 июл. 2024

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

The SMTP Listener of Secure Email Gateway from Cellopoint does not properly validate user input, leading to a Buffer Overflow vulnerability. An unauthenticated remote attacker can exploit this vulnerability to execute arbitrary system commands on the remote server.

Ссылки

https://www.twcert.org.tw/en/cp-139-7937-acbb5-2.html
Third Party Advisory
https://www.twcert.org.tw/tw/cp-132-7936-f6381-1.html
Third Party Advisory
https://www.twcert.org.tw/en/cp-139-7937-acbb5-2.html
Third Party Advisory
https://www.twcert.org.tw/tw/cp-132-7936-f6381-1.html
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:cellopoint:secure_email_gateway:*:*:*:*:*:*:*:*

Версия до 4.5.0 (исключая)

EPSS

Процентиль: 85%

0.02459

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-121

CWE-787

Связанные уязвимости

GHSA-c8f7-58h9-9239

CVSS3: 9.8

github

больше 1 года назад

The SMTP Listener of Secure Email Gateway from Cellopoint does not properly validate user input, leading to a Buffer Overflow vulnerability. An unauthenticated remote attacker can exploit this vulnerability to execute arbitrary system commands on the remote server.

EPSS

Процентиль: 85%

0.02459

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-121

CWE-787