CVE-2023-40160

2024-03-1800:32:53

jpcert

www.cve.org

cve-2023-40160

mailing list search cgi

a.k.i software

remote attacker

arbitrary files

7 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.0%

JSON

Directory traversal vulnerability exists in Mailing List Search CGI (pmmls.exe) included in A.K.I Software’s PMailServer/PMailServer2 products. If this vulnerability is exploited, a remote attacker may obtain arbitrary files on the server.

CNA Affected

[
  {
    "vendor": "A.K.I Software ",
    "product": "pmmls.exe",
    "versions": [
      {
        "version": "2.5.1.561 and earlier",
        "status": "affected"
      }
    ]
  }
]

References

akisoftware.com/Vulnerability202301.html

jvn.jp/en/jp/JVN92720882/