CVE-2020-25850
8.1
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
The function, view the source code, of HGiga MailSherlock does not validate specific characters. Remote attackers can use this flaw to download arbitrary system files.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| HGiga | MailSherlock MSR45/SSR45 | unspecified < 117 | affected |
Weaknesses
- Arbitrary File Download
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.