Rewterz Threat Advisory – CVE-2021-1423 – Cisco Aironet Access Points security bypass
March 25, 2021Rewterz Threat Alert – Nanocore – Active IoCs
March 25, 2021Rewterz Threat Advisory – CVE-2021-1423 – Cisco Aironet Access Points security bypass
March 25, 2021Rewterz Threat Alert – Nanocore – Active IoCs
March 25, 2021Severity
Medium
Analysis Summary
CVE-2020-1946
Apache SpamAssassin could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by improper input validation. By using a specially-crafted rule configuration (.cf) file, an attacker could exploit this vulnerability to execute arbitrary OS commands on the system.
Impact
Gain Access
Affected Vendors
Apache
Affected Products
Apache SpamAssassin 3.4.0
Remediation
Upgrade to the latest version of SpamAssassin (3.4.5 or later).