{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-16T05:32:11.202","vulnerabilities":[{"cve":{"id":"CVE-2023-48380","sourceIdentifier":"twcert@cert.org.tw","published":"2023-12-15T09:15:07.577","lastModified":"2024-11-21T08:31:36.250","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Softnext Mail SQR Expert is an email management platform, it has insufficient filtering for a special character within a spcific function. A remote attacker authenticated as a localhost can exploit this vulnerability to perform command injection attacks, to execute arbitrary system command, manipulate system or disrupt service."},{"lang":"es","value":"Softnext Mail SQR Expert es una plataforma de gestión de correo electrónico, no tiene filtrado suficiente para un carácter especial dentro de una función específica. Un atacante remoto autenticado como host local puede aprovechar esta vulnerabilidad para realizar ataques de inyección de comandos, ejecutar comandos arbitrarios del sistema, manipular el sistema o interrumpir el servicio."}],"metrics":{"cvssMetricV31":[{"source":"twcert@cert.org.tw","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H","baseScore":7.4,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.5,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.0,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.1,"impactScore":5.9}]},"weaknesses":[{"source":"twcert@cert.org.tw","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:softnext:mail_sqr_expert:*:*:*:*:*:*:*:*","versionEndExcluding":"230330","matchCriteriaId":"30D54AFA-951B-44FD-84F6-0C16F338E2CE"}]}]}],"references":[{"url":"https://www.twcert.org.tw/tw/cp-132-7598-37b03-1.html","source":"twcert@cert.org.tw","tags":["Third Party Advisory"]},{"url":"https://www.twcert.org.tw/tw/cp-132-7598-37b03-1.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}