Vulnerability CVE-2024-5400


Published: 2024-05-27

Description:
Openfind Mail2000 does not properly filter parameters of specific CGI. Remote attackers with regular privileges can exploit this vulnerability to execute arbitrary system commands on the remote server.

Type:

CWE-78

(Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') )

 References:
https://www.twcert.org.tw/tw/cp-132-7819-9661a-1.html

Copyright 2026, cxsecurity.com

 

Back to Top