Main
Vulnerability Database
Exploits
ID:6247 - Exploit for Path traversal in SecurEnvoy SecurMail - CVE-2018-7705
ID:6247 - Exploit for Path traversal in SecurEnvoy SecurMail - CVE-2018-7705
Published: June 17, 2021
Vulnerability identifier: #VU11482
Vulnerability risk: Low
CVE-ID: CVE-2018-7705
CWE-ID: CWE-22
Exploitation vector: Remote access
Vulnerable software:
SecurEnvoy SecurMail
SecurEnvoy SecurMail
Link to public exploit:
Vulnerability description
The vulnerability allows a remote authenticated attacker to obtain potentially sensisitve information on the target system.
The weakness exists in the filename parameter to secupload2/upload.aspx due to path traversal. A remote attacker can gain access to potentially sensitive information.
The weakness exists in the filename parameter to secupload2/upload.aspx due to path traversal. A remote attacker can gain access to potentially sensitive information.
Remediation
Update to version 9.2.501.