CVE-2023-40747

Published: Mar 18, 2024

Modified: Mar 18, 2025

PUBLISHED

Description

Directory traversal vulnerability exists in A.K.I Software's PMailServer/PMailServer2 products' CGIs included in Internal Simple Webserver. If this vulnerability is exploited, a remote attacker may access arbitrary files outside DocumentRoot.

Vendor	Product	Versions
A.K.I Software	pmman.exe (Standard edition)	affected `2.5.1.12154 and earlier`
A.K.I Software	pmman.exe (Pro edition)	affected `2.5.1.12155 and earlier`
A.K.I Software	pmman.exe (Standard + IMAP4 edition)	affected `2.5.1.12156 and earlier`
A.K.I Software	pmman.exe (Pro + IMAP4 edition)	affected `2.5.1.12157 and earlier`
A.K.I Software	pmman.exe (Enterprise edition)	affected `2.5.1.12158 and earlier`

References

https://akisoftware.com/Vulnerability202301.html

https://jvn.jp/en/jp/JVN92720882/

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2023-40747

Description

Affected Products

References