PT-2023-20889 · China Mobile · China Mobile Oa Mailbox Pc

Yzlcqx

Publicado

2023-04-10

Atualizado

2025-02-11

CVE-2023-26986

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions China Mobile OA Mailbox PC version 2.9.23

Description An issue in China Mobile OA Mailbox PC allows remote attackers to execute arbitrary commands on a victim host via user interaction with a crafted EML file sent to their OA mailbox.

Recommendations For China Mobile OA Mailbox PC version 2.9.23, consider avoiding the use of crafted EML files until a patch is available. As a temporary workaround, restrict user interaction with potentially malicious EML files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2023-26986

Produtos afetados

China Mobile Oa Mailbox Pc

PT-2023-20889 · China Mobile · China Mobile Oa Mailbox Pc

CVE-2023-26986

Identificadores relacionados

Produtos afetados

Referências · 8