CVE-2020-14031

Name of the Vulnerable Software and Affected Versions Ozeki NG SMS Gateway versions through 4.17.6

Description An issue was discovered in the outbox functionality of the TXT File module, allowing it to delete most files in a folder. Since the product typically runs as NT AUTHORITYSYSTEM, the only files that will not be deleted are those currently being run by the system and/or files with special security attributes.

Recommendations For Ozeki NG SMS Gateway versions through 4.17.6, consider restricting access to the outbox functionality of the TXT File module to prevent unauthorized file deletion until a patch is available.