CVE-2022-25356
published 2022-04-05CVE-2022-25356: Alt-N MDaemon Security Gateway through 8.5.0 allows SecurityGateway.dll?view=login XML Injection.
PriorityP340medium5.3CVSS 3.1
AVNACLPRNUINSUCLINAN
EXPLOIT
EPSS
5.88%
92.3th percentile
Alt-N MDaemon Security Gateway through 8.5.0 allows SecurityGateway.dll?view=login XML Injection.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| altn | securitygateway | 2.1.0 – 8.5.0 | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Monitor HTTP requests targeting SecurityGateway.dll with the 'view=login' parameter for XML injection payloads (e.g., special characters such as <, >, &, quotes in parameter values). ↗
- ·The vulnerability affects Alt-N MDaemon Security Gateway through version 8.5.0 only; later versions may not be affected. ↗
- ·Detection based solely on HTTP 200 response to the login endpoint is low-fidelity; XML injection payload content in the request body/parameters should be correlated for higher confidence.
CVSS provenance
nvdv3.15.3MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:P/I:N/A:N
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Nuclei
Alt-n/MDaemon Security Gateway <=8.5.0 - XML Injection
nuclei·CVSS 5.3
CVE-2022-25356 [MEDIUM] Alt-n/MDaemon Security Gateway <=8.5.0 - XML Injection
Alt-n/MDaemon Security Gateway "
- " "
condition: and
- type: status
status:
- 200
# digest: 490a0046304402200ac78a828e32fd3fad396c03d361f9d0905528be4c0cab500c74b45c997bc19302201964aa3e388ac6e783f659c404a8d23ee7c8b0f09940269bdbd653cf3d77d3d7:922c64590222798bb761d5b6d8e72950
No writeups or analysis indexed.
https://www.altn.com/Products/SecurityGateway-Email-Firewall/https://www.swascan.com/security-advisory-alt-n-security-gateway/https://www.swascan.com/security-blog/https://www.altn.com/Products/SecurityGateway-Email-Firewall/https://www.swascan.com/security-advisory-alt-n-security-gateway/https://www.swascan.com/security-blog/https://www.tinextacyber.com/security-advisory-alt-n-security-gataway-cve-2022-25356/
2022-04-05
Published