In TitanHQ SpamTitan through 7.03, a vulnerability exists in the spam rule update function. Updates are downloaded over HTTP, including scripts which are subsequently executed with root permissions. An attacker with a privileged network position is trivially able to inject arbitrary commands.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2019-06-05T18:05:02
Updated: 2024-08-04T20:31:04.278Z
Reserved: 2019-01-24T00:00:00
Link: CVE-2019-6800
Vulnrichment
No data.
NVD
Status : Modified
Published: 2019-06-05T19:29:00.293
Modified: 2024-11-21T04:47:11.060
Link: CVE-2019-6800
Redhat
No data.