CVE-2024-55560

MailCleaner before 28d913e has default values of sshhostdsakey, sshhostrsakey, and sshhosted25519key that persist after installation...

MailCleaner 安全漏洞

MailCleaner is an anti-virus e-mail gateway from MailCleaner, Inc. MailCleaner has a security vulnerability that originates from the default values of sshhostdsakey, sshhostrsakey, and sshhosted25519key not being changed after installation...

CVE-2024-55560

CVE-2024-55560 affects MailCleaner versions before 28d913e, where the default SSH host keys (ssh_host_dsa_key, ssh_host_rsa_key, ssh_host_ed25519_key) persist after installation. The underlying issue is the continued presence of these default keys, which can enable unauthorized access to the devi...

PT-2024-36555 · Unknown · Mailcleaner

Name of the Vulnerable Software and Affected Versions: MailCleaner versions before 28d913e Description: The issue concerns default values of ssh host dsa key, ssh host rsa key, and ssh host ed25519 key that persist after installation. Recommendations: For versions before 28d913e, update to a...

CVE-2024-55560

MailCleaner before 28d913e has default values of sshhostdsakey, sshhostrsakey, and sshhosted25519key that persist after installation...

CVE-2024-3195

A vulnerability was found in MailCleaner up to 2023.03.14. It has been classified as critical. This affects an unknown part of the component Admin Endpoints. The manipulation leads to path traversal. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and...

CVE-2024-3194

A vulnerability was found in MailCleaner up to 2023.03.14 and classified as problematic. Affected by this issue is some unknown functionality of the component Log File Endpoint. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to...

CVE-2024-3196

A vulnerability was found in MailCleaner up to 2023.03.14. It has been declared as critical. This vulnerability affects the function getStats/ServicessilentDump/ServicesstopStartMTA/ConfigsaveDateTime/Confighostid/LogsStartGetStat/dumpConfiguration of the component SOAP Service. The manipulation...

CVE-2024-3195

A vulnerability was found in MailCleaner up to 2023.03.14. It has been classified as critical. This affects an unknown part of the component Admin Endpoints. The manipulation leads to path traversal. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and...

CVE-2024-3196

A vulnerability was found in MailCleaner up to 2023.03.14. It has been declared as critical. This vulnerability affects the function getStats/ServicessilentDump/ServicesstopStartMTA/ConfigsaveDateTime/Confighostid/LogsStartGetStat/dumpConfiguration of the component SOAP Service. The manipulation...

CVE-2024-3194

A vulnerability was found in MailCleaner up to 2023.03.14 and classified as problematic. Affected by this issue is some unknown functionality of the component Log File Endpoint. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to...

CVE-2024-3192

A vulnerability, which was classified as problematic, was found in MailCleaner up to 2023.03.14. Affected is an unknown function of the component Admin Interface. The manipulation as part of Mail Message leads to cross site scripting. It is possible to launch the attack remotely. The exploit has...

CVE-2024-3193

A vulnerability has been found in MailCleaner up to 2023.03.14 and classified as critical. Affected by this vulnerability is an unknown functionality of the component Admin Endpoints. The manipulation leads to os command injection. The attack can be launched remotely. The exploit has been disclos...

CVE-2024-3191

A vulnerability, which was classified as critical, has been found in MailCleaner up to 2023.03.14. This issue affects some unknown processing of the component Email Handler. The manipulation leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the...

CVE-2024-3192

A vulnerability, which was classified as problematic, was found in MailCleaner up to 2023.03.14. Affected is an unknown function of the component Admin Interface. The manipulation as part of Mail Message leads to cross site scripting. It is possible to launch the attack remotely. The exploit has...

CVE-2024-3193

A vulnerability has been found in MailCleaner up to 2023.03.14 and classified as critical. Affected by this vulnerability is an unknown functionality of the component Admin Endpoints. The manipulation leads to os command injection. The attack can be launched remotely. The exploit has been disclos...

CVE-2024-3191

A vulnerability, which was classified as critical, has been found in MailCleaner up to 2023.03.14. This issue affects some unknown processing of the component Email Handler. The manipulation leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the...

CVE-2024-3196 MailCleaner SOAP Service dumpConfiguration os command injection

A vulnerability was found in MailCleaner up to 2023.03.14. It has been declared as critical. This vulnerability affects the function getStats/ServicessilentDump/ServicesstopStartMTA/ConfigsaveDateTime/Confighostid/LogsStartGetStat/dumpConfiguration of the component SOAP Service. The manipulation...

CVE-2024-3196

CVE-2024-3196 affects MailCleaner up to version 2023.03.14, impacting the SOAP Service’s dumpConfiguration path (getStats/Services_silentDump/Services_stopStartMTA/Config_saveDateTime/Config_hostid/Logs_StartGetStat). The underlying issue is an OS command injection in the SOAP Service, with local...

CVE-2024-3196 MailCleaner SOAP Service dumpConfiguration os command injection

A vulnerability was found in MailCleaner up to 2023.03.14. It has been declared as critical. This vulnerability affects the function getStats/ServicessilentDump/ServicesstopStartMTA/ConfigsaveDateTime/Confighostid/LogsStartGetStat/dumpConfiguration of the component SOAP Service. The manipulation...