CVE-2021-31987
CVE-2021-31987
In short
A flaw in the SMTP test feature allows users to send emails to addresses that should be blocked, by bypassing security restrictions through improper validation of user input.
Technical detail
CWE-1286 vulnerability in SMTP test functionality where user-controlled parameters lack proper validation, enabling bypass of recipient filtering mechanisms. An authenticated attacker can craft requests to send messages to blocked network recipients, circumventing intended access controls.
Summary generated and translated by AI from the official description.
A user controlled parameter related to SMTP test functionality is not correctly validated making it possible to bypass blocked network recipients.
Affected products
Axis Communications AB · AXIS OSWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →