PT-2020-12785 · Titanhq · Spamtitan

Felipe Molina · Published 2020-09-17 · Updated 2022-04-28 · CVE-2020-11698

CVSS v3.1: 10 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: SpamTitan version 7.07

Description: An issue was discovered in SpamTitan where improper input sanitization of the parameter community on the page "snmp-x.php" would allow a remote attacker to inject commands into the file "snmpd.conf", enabling the execution of commands on the target server.

Recommendations: For SpamTitan version 7.07, ensure proper input sanitization of the community parameter in the "snmp-x.php" page to prevent command injection. As a temporary workaround, consider restricting access to the "snmp-x.php" page until a fix is available.
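
One way to implement the recommended sanitization, shown as an added example that is not SpamTitan's code or the vendor's fix: validate the community value against a strict allowlist before it is ever written to snmpd.conf, so it cannot carry a line break or a second directive. The function names, the 32-character limit, the assumption that the value lands in a net-snmp `rocommunity` line, and the sample inputs are all assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Assumed policy limit for this example; the advisory does not specify one.
const COMMUNITY_MAX_LEN = 32;

// Hypothetical helper: returns the value unchanged if it is safe to place
// in snmpd.conf, otherwise throws. Reject, do not try to "clean" the input.
function validate_community(string $value): string
{
    // \A and \z anchor the whole string. Unlike "$", "\z" does not match
    // before a trailing newline, so "public\n" is rejected too.
    // The allowlist excludes whitespace, CR/LF, quotes, '#', and shell
    // metacharacters, which is what keeps the value to a single token.
    $pattern = '/\A[A-Za-z0-9_.\-]{1,' . COMMUNITY_MAX_LEN . '}\z/';
    if (preg_match($pattern, $value) !== 1) {
        throw new InvalidArgumentException('invalid SNMP community string');
    }
    return $value;
}

// Hypothetical helper: builds exactly one directive on exactly one line.
function render_rocommunity_line(string $community): string
{
    return 'rocommunity ' . validate_community($community) . "\n";
}

// Constructed sample inputs (not taken from the advisory).
$samples = [
    'monitoring_ro',                      // ordinary value
    "public\ninjected-directive value",   // embedded line break adds a second line
    "public\n",                           // trailing newline
    'public #comment',                    // whitespace and comment character
    '',                                   // empty value
];

foreach ($samples as $sample) {
    try {
        $line = render_rocommunity_line($sample);
        echo 'ACCEPT ', json_encode($sample), ' => ', json_encode($line), "\n";
    } catch (InvalidArgumentException $e) {
        echo 'REJECT ', json_encode($sample), "\n";
    }
}
```

Only the first sample is accepted; the other four are rejected before any configuration line is built.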

Exploit

Fix

Command Injection

Weakness Enumeration

Related Identifiers

CVE-2020-11698

Affected Products

Spamtitan