CVE-2023-6381

Name of the Vulnerable Software and Affected Versions Newsletter Software SuperMailer version 11.20.0.2204

Description The issue is related to improper input validation, which can be exploited by sending a malicious configuration file with an SMB extension to a user via a link or email attachment. If the user opens the file with the affected software on the local system, a successful exploit could allow the attacker to crash the application when attempting to load the malicious file.

Recommendations For version 11.20.0.2204, as a temporary workaround, consider avoiding the use of configuration files with SMB extensions until a patch is available. Restrict access to the affected software to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.