MailGates and MailAudit products contain Command Injection flaw, which can be used to inject and execute system commands from the cgi parameter after attackers obtain the user’s access token. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Command Injection
Mailaudit
Mailgates
NVD
CVSS 3.1
8.8
EPSS
2.2%