Remote File Read Vulnerability in Raiden MAILD Remote Management System
CVE-2024-7693

7.5HIGH

Key Information:

Vendor: Team Johnlong Software
Status: Raiden Maild Remote Management System
Vendor: CVE Published:; 12 August 2024

Summary

The Raiden MAILD Remote Management System from Team Johnlong Software is susceptible to a vulnerability that permits remote, unauthenticated attackers to exploit relative path traversal techniques. This enables them to gain unauthorized access to sensitive files stored on the server. The flaw can lead to exposure of critical data, potentially compromising the integrity and confidentiality of the system. Organizations using the impacted software should prioritize patching and implementing security measures to mitigate potential risks.

Affected Version(s)

Raiden MAILD Remote Management System 0 <= 5.01

References

https://www.twcert.org.tw/tw/cp-132-7997-31bef-1.html

third-party-advisory

https://www.twcert.org.tw/en/cp-139-7999-208bf-2.html

third-party-advisory

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 12, 2024
Vulnerability Reserved
Aug 12, 2024