go to Content
:::

TWCERT/CC Taiwan Computer Emergency Response Team/Coordination Center

:::

Date:
Font-stze:

Openfind MailGates - Command Injection

TVN ID TVN-202006001
Public Date 2020-06-09
Affected Products MailGates 5.0 and MailAudit 5.0
Description Openfind MailGates contains a Command Injection flaw, when receiving email with specific strings, malicious code in the mail attachment will be triggered and gain unauthorized access to system files.
CVE ID CVE-2020-12782
Solution Update to version 5.2.7.036, or contact with Openfind.
Credit Openfind technical department
Top