Intrusion Prevention

SecurEnvoy.SecurMail.URI.API.Upload.Directory.Traversal

Description

This indicates an attack attempt to exploit a Directory Traversal Vulnerability in SecurEnvoy SecurMail.
A remote, authenticated attacker could exploit this vulnerability by sending a crafted HTTP request to a vulnerable server. Successful exploitation could result in arbitrary file access on the target server.

Affected Products

SecurEnvoy SecurMail 9.1.501

Impact

Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
https://www.sec-consult.com/en/vulnerability-lab/advisories/index.html

CVE References

CVE-2018-7705