Description
EasyUse MailHunter Ultimate’s cookie deserialization function has an inadequate validation vulnerability. Deserializing a cookie containing malicious payload will trigger this insecure deserialization vulnerability, allowing an unauthenticated remote attacker to execute arbitrary code, manipulate system command or interrupt service.
Analysis
No analysis available yet.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| EasyUse | MailHunter Ultimate | affected |
|
No data.
No data available yet.
Remediation
Vendor Solution
Contact tech support from EasyUse.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2022-38115 | EasyUse MailHunter Ultimate’s cookie deserialization function has an inadequate validation vulnerability. Deserializing a cookie containing malicious payload will trigger this insecure deserialization vulnerability, allowing an unauthenticated remote attacker to execute arbitrary code, manipulate system command or interrupt service. |
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: twcert
Published:
Updated: 2024-09-17T04:14:26.514Z
Reserved: 2022-07-05T00:00:00.000Z
Link: CVE-2022-35223
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-08-02T16:15:10.930
Modified: 2024-11-21T07:10:55.460
Link: CVE-2022-35223
Redhat
No data.
OpenCVE Enrichment
No data.
Weaknesses