Remote Code Execution Vulnerability in Proself's Enterprise, Gateway, and Mail Sanitize Editions
CVE-2023-39416

7.2HIGH

Key Information:

Vendor: North Grid Corporation
Status: Proself Enterprise/standard Edition; Proself Gateway Edition; Proself Mail Sanitize Edition
Vendor: CVE Published:; 18 August 2023

Summary

Proself's Enterprise/Standard, Gateway, and Mail Sanitize Editions have a vulnerability that allows a remote authenticated attacker with administrative privileges to execute arbitrary operating system commands. This flaw poses significant risks as it enables attackers to manipulate the underlying system, potentially leading to data breaches and unauthorized access. Users of these affected products should apply patches and updates immediately to secure their systems.

Affected Version(s)

Proself Enterprise/Standard Edition Ver5.61 and earlier

Proself Gateway Edition Ver1.62 and earlier

Proself Mail Sanitize Edition Ver1.07 and earlier

References

https://www.proself.jp/information/149/

https://www.proself.jp/information/150/

https://jvn.jp/en/jp/JVN19661362/

CVSS V3.1

Score:

7.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 18, 2023
Vulnerability Reserved
Aug 1, 2023