CVE-2024-5399

🗓️ 27 May 2024 03:32:29Reported by twcertType

Openfind Mail2000 API parameter filtering vulnerabilit

Reporter	Title	Published	Views	Family All 6
CNNVD	Openfind Mail2000 操作系统命令注入漏洞	27 May 202400:00	–	cnnvd
Cvelist	CVE-2024-5399 Openfind Mail2000 - OS Command Injection	27 May 202403:32	–	cvelist
EUVD	EUVD-2024-46622	3 Oct 202520:07	–	euvd
NVD	CVE-2024-5399	27 May 202404:15	–	nvd
Positive Technologies	PT-2024-36002	27 May 202400:00	–	ptsecurity
Vulnrichment	CVE-2024-5399 Openfind Mail2000 - OS Command Injection	27 May 202403:32	–	vulnrichment

NVD

Node

openfind mail2000Match7.0

openfind mail2000Match8.0

[
  {
    "defaultStatus": "unaffected",
    "product": "Mail2000 V7.0",
    "vendor": "Openfind",
    "versions": [
      {
        "lessThan": "Patch 124",
        "status": "affected",
        "version": "Patch 55",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Mail2000 V8.0",
    "vendor": "Openfind",
    "versions": [
      {
        "lessThan": "Patch 31",
        "status": "affected",
        "version": "earlier",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
twcert	www.twcert.org.tw/tw/cp-132-7817-6ce29-1.html

26 Jan 2026 13:49Current

7.4High risk

Vulners AI Score7.4

CVSS 3.17.2

EPSS0.01222

SSVC

CWE-78