Argosoft : Security Vulnerabilities, CVEs, CVSS score >= 8

CVE-2020-23824

ArGo Soft Mail Server 1.8.8.9 is affected by Cross Site Request Forgery (CSRF) for perform remote arbitrary code execution. The component is the Administration dashboard. When using admin/user credentials, if the admin/user admin opens a website with the malicious page that will run the CSRF.
Max CVSS
8.8
EPSS Score
0.20%
Published
2020-09-11
Updated
2020-09-18

CVE-2005-0520

ArGoSoft FTP Server before 1.4.2.8 allows remote attackers to read arbitrary files via shortcut (.LNK) files in the SITE COPY command, a different vulnerability than CVE-2005-0519.
Max CVSS
10.0
EPSS Score
1.24%
Published
2005-02-23
Updated
2017-07-11

CVE-2005-0519

ArGoSoft FTP Server before 1.4.2.7 allows remote attackers to read arbitrary files by uploading a ZIP file containing a shortcut (.LNK) file, using SITE UNZIP to extract the .LNK file onto the server, then accessing the file, a different vulnerability than CVE-2005-0520.
Max CVSS
10.0
EPSS Score
1.24%
Published
2005-02-18
Updated
2017-07-11

CVE-2004-2673

Multiple buffer overflows in ArGoSoft FTP Server before 1.4.1.6 allow remote authenticated users to cause a denial of service and possibly execute arbitrary code via (1) a SITE ZIP command with a long first or second argument, or (2) a SITE COPY with a long argument.
Max CVSS
9.0
EPSS Score
1.07%
Published
2004-12-31
Updated
2017-07-29
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close