Shodan
Vulnerabilities
Vulnerable Software
Neo:  Security Vulnerabilities
CVE-2018-0680
Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, Denbun IMAP version V3.3I R4.0 and earlier) uses hard-coded credentials, which may allow remote attackers to read/send mail or change the configuration.
CVSS Score
9.8
EPSS Score
0.011
Published
2018-11-15
CVE-2018-0681
Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, Denbun IMAP version V3.3I R4.0 and earlier) uses hard-coded credentials, which may allow remote attackers to login to the Management page and change the configuration.
CVSS Score
9.8
EPSS Score
0.011
Published
2018-11-15
CVE-2018-0682
Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, Denbun IMAP version V3.3I R4.0 and earlier) does not properly manage sessions, which allows remote attackers to read/send mail or change the configuration via unspecified vectors.
CVSS Score
9.8
EPSS Score
0.011
Published
2018-11-15
CVE-2018-0683
Buffer overflow in Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, Denbun IMAP version V3.3I R4.0 and earlier) allows remote attackers to execute arbitrary code or cause a denial-of-service (DoS) condition via Cookie data.
CVSS Score
9.8
EPSS Score
0.067
Published
2018-11-15
CVE-2018-0684
Buffer overflow in Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R3.0 and earlier, Denbun IMAP version V3.3I R3.0 and earlier) allows remote attackers to execute arbitrary code or cause a denial-of-service (DoS) condition via multipart/form-data format data.
CVSS Score
9.8
EPSS Score
0.067
Published
2018-11-15
CVE-2018-0685
SQL injection vulnerability in the Denbun POP version V3.3P R4.0 and earlier allows remote authenticated attackers to execute arbitrary SQL commands via HTTP requests for mail search.
CVSS Score
8.8
EPSS Score
0.008
Published
2018-11-15
CVE-2018-0686
Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, Denbun IMAP version V3.3I R4.0 and earlier) allows remote authenticated attackers to upload and execute any executable files via unspecified vectors.
CVSS Score
8.8
EPSS Score
0.01
Published
2018-11-15
CVE-2018-0687
Cross-site scripting vulnerability in Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, Denbun IMAP version V3.3I R4.0 and earlier) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
6.1
EPSS Score
0.004
Published
2018-11-15


Products
Pricing
Contact Us

Shodan ® - All rights reserved