Main
Vulnerability Database
Exploits
ID:6246 - Exploit for Path traversal in SecurEnvoy SecurMail - CVE-2018-7706
ID:6246 - Exploit for Path traversal in SecurEnvoy SecurMail - CVE-2018-7706
Published: June 17, 2021
Vulnerability identifier: #VU11483
Vulnerability risk: Low
CVE-ID: CVE-2018-7706
CWE-ID: CWE-22
Exploitation vector: Remote access
Vulnerable software:
SecurEnvoy SecurMail
SecurEnvoy SecurMail
Link to public exploit:
Vulnerability description
The vulnerability allows a remote authenticated attacker to obtain potentially sensisitve information on the target system.
The weakness exists in the option2 parameter in an attachment action to secmail/getmessage.exe due to path traversal. A remote attacker can gain access to potentially sensitive information.
The weakness exists in the option2 parameter in an attachment action to secmail/getmessage.exe due to path traversal. A remote attacker can gain access to potentially sensitive information.
Remediation
Update to version 9.2.501.