CVE-2020-25849

Summary

MailGates and MailAudit products contain Command Injection flaw, which can be used to inject and execute system commands from the cgi parameter after attackers obtain the user’s access token.

Affected Software

VendorProductVersion RangeStatus
OpenfindMailGates0 <= 5.0affected
OpenfindMailAudit0 <= 5.0affected

Weaknesses

  • CWE-78: CWE-78 OS Command Injection

ADP Enrichment

CVE Program Container

Additional References

References