Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Proofpoint Enterprise Protection webservices unauthenticated RCE
Vulnerability Description
The webservices in Proofpoint Enterprise Protection (PPS/POD) contain a vulnerability that allows for an anonymous user to execute remote code through 'eval injection'. Exploitation requires network access to the webservices API, but such access is a non-standard configuration. This affects all versions 8.20.0 and below.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
动态执行代码中指令转义处理不恰当(Eval注入)
Vulnerability Title
Proofpoint Enterprise Protection 代码注入漏洞
Vulnerability Description
Proofpoint Enterprise Protection是美国Proofpoint公司的一个应用程序。提供了保护电子邮件的功能。 Proofpoint Enterprise Protection (PPS/POD) 8.20.0版本及之前版本存在代码注入漏洞。攻击者利用该漏洞通过“eval注入”远程执行代码。
CVSS Information
N/A
Vulnerability Type
N/A