TVN ID | TVN-202010005 |
---|---|
CVE ID | CVE-2020-25849 |
CVSS | 8.8 (High) CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Affected Products | MailGates v4.0、v5.0;MailAudit v4.0、v5.0 |
Description | MailGates and MailAudit products contain Command Injection flaw, which can be used to inject and execute system commands from the cgi parameter after attackers obtain the user’s access token. |
Solution | Update Patch to 5.2.8.048 version |
Credit | Openfind technical department |
Public Date | 2020-11-02 |