← back
CVE-2018-7702

CVE-2018-7702

EPSS 14.7%
SecurEnvoy SecurMail before 9.2.501 allows remote attackers to spoof transmission of arbitrary e-mail messages, resend e-mail messages to arbitrary recipients, or modify arbitrary message bodies and attachments by leveraging missing authentication and authorization.
Affected products
n/a · n/a
public PoCs found2
cve_referencewww.exploit-db.com/exploits/44285/unverifiedexploitdbwww.exploit-db.com/exploits/44285unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://seclists.org/fulldisclosure/2018/Mar/29https://www.exploit-db.com/exploits/44285/https://www.sec-consult.com/en/blog/advisories/multiple-critical-vulnerabilities-in-securenvoy-securmail/index.html