In Azure Data Expert Ultimate 2.2.16, the SMTP verification function suffers from a buffer overflow vulnerability, leading to remote code execution. The attack vector is a crafted SMTP daemon that sends a long 220 (aka “Service ready”) string.
CPE | Name | Operator | Version |
---|---|---|---|
data_expert_ultimate | eq | 2.2.16 |