| TVN ID | TVN-202010005 |
|---|---|
| CVE ID | CVE-2020-25849 |
| CVSS | 8.8 (High) CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| Affected Products | MailGates v4.0、v5.0;MailAudit v4.0、v5.0 |
| Description | MailGates and MailAudit products contain Command Injection flaw, which can be used to inject and execute system commands from the cgi parameter after attackers obtain the user’s access token. |
| Solution | Update Patch to 5.2.8.048 version |
| Credit | Openfind technical department |
| Public Date | 2020-11-02 |
:::