NetwinCVEs & Vulnerabilities

50 CVEs affecting Netwin products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.

Most Affected Products

surgemail 300surgeftp 48dmail 28cwmail 27webnews 12dmailweb 10surgeldap 9smsgate 7
CVE-2017-17933MEDIUM

cgi/surgeftpmgr.cgi (aka the Web Manager interface on TCP port 7021 or 9021) in NetWin SurgeFTP version 23f2 has XSS via the classid, domainid, or username parameter.

29 Dec 2017
6.1
CVSS
CVE-2013-4742HIGH

Buffer overflow in NetWin SurgeFTP before 23d2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string within the authentication request.

10 Aug 2013
7.5
CVSS
CVE-2012-2575MEDIUMpoc

Cross-site scripting (XSS) vulnerability in NetWin SurgeMail 6.0a4 allows remote attackers to inject arbitrary web script or HTML via the SRC attribute of an IFRAME element in the body of an HTML e-mail message.

17 Sep 2012
4.3
CVSS
CVE-2010-3201MEDIUMpoc

Cross-site scripting (XSS) vulnerability in NetWin Surgemail before 4.3g allows remote attackers to inject arbitrary web script or HTML via the username_ex parameter to the surgeweb program.

8 Jan 2011
4.3
CVSS
CVE-2010-1068MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in surgeftpmgr.cgi in NetWin SurgeFTP 2.3a6 allow remote attackers to inject arbitrary web script or HTML via the (1) domainid or (2) classid parameter in a class action.

23 Mar 2010
4.3
CVSS
CVE-2008-7182MEDIUMpoc

Buffer overflow in the IMAP service in NetWin Surgemail 3.9e, and possibly other versions before 3.9g2, allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a long first argument to the APPEND command, a different vector than CVE-2008-1497 and CVE-2008-1498. NOTE: due to lack of details, it is not certain whether this is the same issue as CVE-2008-2859.

8 Sep 2009
4.0
CVSS
CVE-2008-5421MEDIUM

The SSL web administration service in NetWin SmsGate 1.1n and earlier allows remote attackers to cause a denial of service (hang) via (1) a large integer in the Content-Length HTTP header; (2) an invalid value in the Content-Length HTTP header, as demonstrated by a negative integer; or (3) a missing Content-Length HTTP header.

11 Dec 2008
5.0
CVSS
CVE-2008-2859MEDIUMpoc

Unspecified vulnerability in the IMAP service in NetWin SurgeMail before 3.9g2 allows remote attackers to cause a denial of service (daemon crash) via unknown vectors related to an "imap command."

25 Jun 2008
5.0
CVSS
CVE-2008-1497CRITICAL

Stack-based buffer overflow in the IMAP service in NetWin SurgeMail 38k4-4 and earlier allows remote authenticated users to execute arbitrary code via long arguments to the LSUB command.

25 Mar 2008
9.0
CVSS
CVE-2008-1498CRITICALpoc

Stack-based buffer overflow in the IMAP service in NetWin Surgemail 3.8k4-4 and earlier allows remote authenticated users to execute arbitrary code via a long first argument to the LIST command.

25 Mar 2008
9.0
CVSS
CVE-2008-1052MEDIUMpoc

The administration web interface in NetWin SurgeFTP 2.3a2 and earlier allows remote attackers to cause a denial of service (daemon crash) via a large integer in the Content-Length HTTP header, which triggers a NULL pointer dereference when memory allocation fails.

27 Feb 2008
6.4
CVSS
CVE-2008-1054MEDIUMpoc

Stack-based buffer overflow in the _lib_spawn_user_getpid function in (1) swatch.exe and (2) surgemail.exe in NetWin SurgeMail 38k4 and earlier, and beta 39a, allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via an HTTP request with multiple long headers to webmail.exe and unspecified other CGI executables, which triggers an overflow when assigning values to environment variables. NOTE: some of these details are obtained from third party information.

27 Feb 2008
6.4
CVSS
CVE-2008-1055HIGHpoc

Format string vulnerability in webmail.exe in NetWin SurgeMail 38k4 and earlier and beta 39a, and WebMail 3.1s and earlier, allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via format string specifiers in the page parameter.

27 Feb 2008
7.5
CVSS
CVE-2007-6457MEDIUMpoc

Stack-based buffer overflow in the webmail feature in SurgeMail 38k4 allows remote attackers to cause a denial of service (crash) via a long Host header.

20 Dec 2007
5.0
CVSS
CVE-2007-5370MEDIUMpoc

Multiple cross-site scripting (XSS) vulnerabilities in cgi-bin/dnewsweb.exe in NetWin DNewsWeb (DNews News Server) 57e1 allow remote attackers to inject arbitrary web script or HTML via the (1) group or (2) utag parameter.

11 Oct 2007
4.3
CVSS
CVE-2007-4372CRITICAL

Unspecified vulnerability in NetWin SurgeMail 38k on Windows Server 2003 has unknown impact and remote attack vectors. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release actionable advisories. A CVE has been assigned for tracking purposes, but duplicates with other CVEs are difficult to determine.

16 Aug 2007
10.0
CVSS
CVE-2007-4377MEDIUMpoc

Stack-based buffer overflow in the IMAP service in SurgeMail 38k allows remote authenticated users to execute arbitrary code via a long argument to the SEARCH command. NOTE: this might overlap CVE-2007-4372.

16 Aug 2007
6.0
CVSS
CVE-2007-3768HIGH

The mirror mechanism in SurgeFTP 2.3a1 allows user-assisted, remote FTP servers to cause a denial of service (restart) via a malformed response to a PASV command.

16 Jul 2007
8.5
CVSS
CVE-2007-3769MEDIUM

Cross-site scripting (XSS) vulnerability in the mirrored server management interface in SurgeFTP 2.3a1 allows user-assisted, remote FTP servers to inject arbitrary web script or HTML via a malformed response without a status code, which is reflected to the user in the resulting error message. NOTE: this can be leveraged for root access via a sequence of steps involving web script that creates a new FTP user account.

16 Jul 2007
5.8
CVSS
CVE-2007-2655HIGH

Unspecified vulnerability in NetWin Webmail 3.1s-1 in SurgeMail before 3.8i2 has unknown impact and remote attack vectors, possibly a format string vulnerability that allows remote code execution.

15 May 2007
7.5
CVSS
CVE-2006-5100HIGHpoc

PHP remote file inclusion vulnerability in parse/parser.php in WEB//NEWS (aka webnews) 1.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the WN_BASEDIR parameter.

3 Oct 2006
7.5
CVSS
CVE-2005-1714MEDIUM

Cross-site scripting (XSS) vulnerability in NetWin SurgeMail 3.0c2 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.

24 May 2005
4.3
CVSS
CVE-2005-1478HIGH

Format string vulnerability in dSMTP (dsmtp.exe) in DMail 3.1a allows remote attackers to execute arbitrary code via format string specifiers in the xtellmail command.

11 May 2005
7.5
CVSS
CVE-2005-1516HIGH

DList (dlist.exe) in DMail 3.1a allows remote attackers to bypass authentication, read log files, and shutdown the system via a sendlog command with an incorrect password hash, which is not properly handled by the _cmd_sendlog function.

11 May 2005
7.5
CVSS
CVE-2005-0845MEDIUM

Directory traversal vulnerability in the Webmail interface in SurgeMail 2.2g3 allows remote authenticated users to write arbitrary files or directories via a .. (dot dot) in the attach_id parameter.

2 May 2005
5.0
CVSS
CVE-2005-0846MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in the email auto-reply message in SurgeMail 2.2g3 allow remote attackers to inject arbitrary web script or HTML via the (1) message subject or (2) message header field.

2 May 2005
4.3
CVSS
CVE-2005-1034MEDIUM

SurgeFTP 2.2m1 allows remote attackers to cause a denial of service (application hang) via the LEAK command.

2 May 2005
5.0
CVSS
CVE-2004-2318MEDIUM

The administrative interface (surgeftpmgr.cgi) for SurgeFTP Server 1.0b through 2.2k1 allows remote attackers to cause a temporary denial of service (crash) via requests with two percent (%) signs in the CMD parameter.

31 Dec 2004
5.0
CVSS
CVE-2004-2537CRITICAL

Unspecified vulnerability in SurgeMail before 2.2c10 has unknown impact and attack vectors, related to a "Webmail security bug."

31 Dec 2004
10.0
CVSS
CVE-2004-2253MEDIUMpoc

Directory traversal vulnerability in user.cgi in SurgeLDAP 1.0g and earlier allows remote attackers to read arbitrary files via a .. in the page parameter of the show command.

31 Dec 2004
5.0
CVSS
CVE-2004-2254HIGHpoc

SurgeLDAP 1.0g (Build 12), and possibly other versions before 1.0h, allows remote attackers to bypass authentication for the administration interface via a direct request to admin.cgi with a modified utoken parameter.

31 Dec 2004
7.5
CVSS
CVE-2004-2547LOWpoc

NetWin (1) SurgeMail before 2.0c and (2) WebMail allow remote attackers to obtain sensitive information via HTTP requests that (a) specify the / URI, (b) specify the /scripts/ URI, or (c) specify a non-existent file, which reveal the path in an error message.

31 Dec 2004
2.6
CVSS
CVE-2004-2548MEDIUMpoc

Multiple cross-site scripting (XSS) vulnerabilities in NetWin (1) SurgeMail before 2.0c and (2) WebMail allow remote attackers to inject arbitrary web script or HTML via (a) a URI containing the script, or (b) the username field in the login form. NOTE: it is possible that the first attack vector is resultant from the error message issue (CVE-2004-2547).

31 Dec 2004
4.3
CVSS
CVE-2002-0273MEDIUM

Buffer overflow in CWMail.exe in NetWin before 2.8a allows remote authenticated users to execute arbitrary code via a long item parameter.

31 May 2002
4.6
CVSS
CVE-2002-0290HIGH

Buffer overflow in Netwin WebNews CGI program 1.1, Webnews.exe, allows remote attackers to execute arbitrary code via a long group argument.

31 May 2002
7.5
CVSS
CVE-2002-0310HIGH

Netwin WebNews 1.1k CGI program includes several default usernames and cleartext passwords that cannot be deleted by the administrator, which allows remote attackers to gain privileges via the username/password combinations (1) testweb/newstest, (2) alwn3845/imaptest, (3) alwi3845/wtest3452, or (4) testweb2/wtest4879.

31 May 2002
7.5
CVSS
CVE-2001-0696MEDIUM

NetWin SurgeFTP 2.0a and 1.0b allows a remote attacker to cause a denial of service (crash) via a CD command to a directory with an MS-DOS device name such as con.

20 Sep 2001
5.0
CVSS
CVE-2001-0697MEDIUMpoc

NetWin SurgeFTP prior to 1.1h allows a remote attacker to cause a denial of service (crash) via an 'ls ..' command.

20 Sep 2001
5.0
CVSS
CVE-2001-0698MEDIUM

Directory traversal vulnerability in NetWin SurgeFTP 2.0a and 1.0b allows a remote attacker to list arbitrary files and directories via the 'nlist ...' command.

20 Sep 2001
5.0
CVSS
CVE-2001-1356CRITICAL

NetWin SurgeFTP 2.0f and earlier encrypts passwords using weak hashing, a fixed salt value and modulo 40 calculations, which allows remote attackers to conduct brute force password guessing attacks against the administrator account on port 7021.

4 Aug 2001
10.0
CVSS
CVE-2001-1355CRITICAL

Buffer overflows in NetWin Authentication Module (NWAuth) 3.0b and earlier, as implemented in DMail, SurgeFTP, and possibly other packages, could allow attackers to execute arbitrary code via long arguments to (1) the -del command or (2) the -lookup command.

20 Jul 2001
10.0
CVSS
CVE-2001-1354MEDIUMpoc

NetWin Authentication module (NWAuth) 2.0 and 3.0b, as implemented in SurgeFTP, DMail, and possibly other packages, uses weak password hashing, which could allow local users to decrypt passwords or use a different password that has the same hash value as the correct password.

20 Jul 2001
4.6
CVSS
CVE-2000-0782MEDIUMpoc

netauth.cgi program in Netwin Netauth 4.2e and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack.

20 Oct 2000
5.0
CVSS
CVE-2000-0610MEDIUM

NetWin dMailWeb and cwMail 2.6g and earlier allows remote attackers to bypass authentication and use the server for mail relay via a username that contains a carriage return.

23 Jun 2000
5.0
CVSS
CVE-2000-0611MEDIUM

The default configuration of NetWin dMailWeb and cwMail trusts all POP servers, which allows attackers to bypass normal authentication and cause a denial of service.

23 Jun 2000
5.0
CVSS
CVE-2000-0608MEDIUM

NetWin dMailWeb and cwMail 2.6i and earlier allows remote attackers to cause a denial of service via a long POP parameter (pophost).

21 Jun 2000
5.0
CVSS
CVE-2000-0609MEDIUM

NetWin dMailWeb and cwMail 2.6g and earlier allows remote attackers to cause a denial of service via a long username parameter.

21 Jun 2000
5.0
CVSS
CVE-2000-0490CRITICALpoc

Buffer overflow in the NetWin DSMTP 2.7q in the NetWin dmail package allows remote attackers to execute arbitrary commands via a long ETRN request.

1 Jun 2000
10.0
CVSS
← PrevPage 1 / 2Next →