SecurEnvoy SecurMail 9.3.503 allows attackers to upload executable files and achieve OS command execution via a crafted SecurEnvoyReply cookie.
References
Link | Resource |
---|---|
https://sidechannel.tempestsi.com/path-traversal-vulnerability-in-securenvoy-impacts-on-remote-command-execution-through-file-upload-ec2e731bd50a | Exploit Third Party Advisory |
https://www.securenvoy.com/en-gb/support | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2020-08-07T19:03:22
Updated: 2020-08-07T19:03:22
Reserved: 2020-05-21T00:00:00
Link: CVE-2020-13376
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-08-07T20:15:12.373
Modified: 2020-08-12T14:00:42.250
Link: CVE-2020-13376
JSON object: View
Redhat Information
No data.
CWE