← back
CVE-2024-9043

Cellopoint Secure Email Gateway - Buffer Overflow

CVSS 9.8 CRITICALEPSS 1.4%CWE-121
Vexday Risk Score
28Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 9.8EPSS 1.4%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
20 Sep 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Secure Email Gateway from Cellopoint has Buffer Overflow Vulnerability in authentication process. Remote unauthenticated attackers can send crafted packets to crash the process, thereby bypassing authentication and obtaining system administrator privileges.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
Cellopoint · Secure Email Gateway

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.twcert.org.tw/en/cp-139-8103-b0568-2.htmlhttps://www.twcert.org.tw/tw/cp-132-8102-b94a9-1.html