CNNVD-202508-776 Information
CNNVD ID
CNNVD-202508-776
Related CVE
- CNNVD Published: 2025-08-08
Description (Chinese)
ESVA-Project E-Mail Security Virtual Appliance是ESVA-Project公司的一款电子邮件安全虚拟设备。 E-Mail Security Virtual Appliance ESVA_2057版本存在安全漏洞,该漏洞源于learn-msg.cgi脚本未清理用户输入,可能导致命令注入。
Description (English)
ESVA-Project E-Mail Security Virtual Application is an e-mail security virtual device of ESVA-Project. The E-Mail Security Virtual Application ESVA 2057 contains a security loophole, which originates from the cleanup of user input from the Learn-msg.cgi script, which may lead to the injection of the command.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
ESVA-Project
Published
2025-08-08
Last Modified
2026-02-24
References
https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux/ https://sourceforge.net/projects/esva-project/ https://www.exploit-db.com/exploits/20551 https://www.exploit-db.com/exploits/20712 https://www.vulncheck.com/advisories/email-security-virtual-appliance-command-injection https://access.redhat.com/security/cve/cve-2012-10046
Share on: