CVE-2022-40741

Mail SQR Expert’s specific function has insufficient filtering for special characters. An unauthenticated remote attacker can exploit this vulnerability to perform arbitrary system command and disrupt service.
References
Link Resource
https://www.twcert.org.tw/tw/cp-132-6643-89bfa-1.html Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:softnext:mail_sqr_expert:2dut.190301:*:*:*:*:*:*:*

History

No history.

Information

Published : 2022-10-31 07:15

Updated : 2024-02-28 19:29


NVD link : CVE-2022-40741

Mitre link : CVE-2022-40741

CVE.ORG link : CVE-2022-40741


JSON object : View

Products Affected

softnext

  • mail_sqr_expert
CWE
CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')