The default configuration of NetWin dMailWeb and cwMail trusts all POP servers, which allows attackers to bypass normal authentication and cause a denial of service.
Max CVSS
5.0
EPSS Score
0.23%
Published
2000-06-23
Updated
2017-10-10
NetWin dMailWeb and cwMail 2.6g and earlier allows remote attackers to bypass authentication and use the server for mail relay via a username that contains a carriage return.
Max CVSS
5.0
EPSS Score
0.28%
Published
2000-06-23
Updated
2017-10-10
NetWin dMailWeb and cwMail 2.6g and earlier allows remote attackers to cause a denial of service via a long username parameter.
Max CVSS
5.0
EPSS Score
0.33%
Published
2000-06-21
Updated
2008-09-10
NetWin dMailWeb and cwMail 2.6i and earlier allows remote attackers to cause a denial of service via a long POP parameter (pophost).
Max CVSS
5.0
EPSS Score
0.28%
Published
2000-06-21
Updated
2008-09-10
4 vulnerabilities found