Command Injection Vulnerability in Openfind MailGates Allows Unauthorized Access to System Files

Command Injection Vulnerability in Openfind MailGates Allows Unauthorized Access to System Files

CVE-2020-12782 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Openfind MailGates contains a Command Injection flaw, when receiving email with specific strings, malicious code in the mail attachment will be triggered and gain unauthorized access to system files.

Learn more about our Web Application Penetration Testing UK.