CNNVD-202512-3787 Information

CNNVD ID

CNNVD-202512-3787

Related CVE

CVE-2023-53949

• CNNVD Published: 2025-12-19

Description (Chinese)

AspEmail是美国AspEmail公司的一个动态服务器组件。 AspEmail 5.6.0.2版本存在安全漏洞，该漏洞源于BIN目录权限不当，可能导致权限提升。

Description (English)

Aspemail is a dynamic server component of Aspemail USA. Aspemail 5.6.0.2 has a security loophole, which stems from the inappropriate BIN directory access, which may lead to an increase in privileges.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

AspEmail

Published

2025-12-19

Last Modified

2026-02-24

References

https://www.aspemail.com https://www.vulncheck.com/advisories/aspemail-local-privilege-escalation-via-binary-permission-vulnerability https://www.exploit-db.com/exploits/51380 https://access.redhat.com/security/cve/cve-2023-53949

Patch

https://www.aspemail.com/download.html