CVE-2022-41675
CVSS V2 None
CVSS V3 None
Description
A remote attacker with general user privilege can inject malicious code in the form content of Raiden MAILD Mail Server website. Other users export form content as CSV file can trigger arbitrary code execution and allow the attacker to perform arbitrary system operation or disrupt service on the user side.
Overview
- CVE ID
- CVE-2022-41675
- Assigner
- twcert@cert.org.tw
- Vulnerability Status
- Analyzed
- Published Version
- 2022-11-29T04:15:10.633
- Last Modified Date
- 2022-12-01T16:47:55.830
Weakness Enumerations
CPE Configuration (Product)
| CPE | Vulnerable | Operator | Version Start | Version End |
|---|---|---|---|---|
| cpe:2.3:a:raidenmaild:raidenmaild:*:*:*:*:*:*:*:* | 1 | OR | 4.7.4 |
References
| Reference URL | Reference Tags |
|---|---|
| https://www.twcert.org.tw/tw/cp-132-6738-b78f4-1.html | Third Party Advisory |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2022-41675 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41675 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2022-12-07 18:05:27 | Added to TrackCVE |