Titanhq: >> Spamtitan >> 7.0.0 Security Vulnerabilities
SpamTitan before 7.09 allows attackers to tamper with backups, because backups are not encrypted.
CVSS Score
5.3
EPSS Score
0.001
Published
2020-12-23
In TitanHQ SpamTitan through 7.03, a vulnerability exists in the spam rule update function. Updates are downloaded over HTTP, including scripts which are subsequently executed with root permissions. An attacker with a privileged network position is trivially able to inject arbitrary commands.
CVSS Score
7.5
EPSS Score
0.009
Published
2019-06-05
TitanHQ SpamTitan before 7.01 has Improper input validation. This allows internal attackers to bypass the anti-spam filter to send malicious emails to an entire organization by modifying the URL requests sent to the application.
CVSS Score
5.3
EPSS Score
0.003
Published
2019-01-30