Browse all 7 CVE security advisories affecting Softnext. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Softnext develops software solutions for enterprise resource planning and customer relationship management. Historically, its products have been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, with seven CVEs documented. Security assessments reveal common weaknesses in input validation and access control mechanisms. While no major public security incidents have been reported, the consistent pattern of vulnerabilities suggests potential risks for organizations deploying Softnext solutions. Organizations should implement robust patch management and security hardening measures to mitigate these risks.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-5670 | Softnext Mail SQR Expert and Mail Archiving Expert - OS Command Injection — SN OS 12.1CWE-78 | 9.8 | Critical | 2024-07-29 |
| CVE-2023-48382 | Softnext Mail SQR Expert - Local File Inclusion-2 — Mail SQR Expert CWE-22 | 6.5 | Medium | 2023-12-15 |
| CVE-2023-48381 | Softnext Mail SQR Expert - Local File Inclusion-1 — Mail SQR Expert CWE-22 | 6.5 | Medium | 2023-12-15 |
| CVE-2023-48380 | Softnext Mail SQR Expert - Command Injection — Mail SQR Expert CWE-78 | 7.4 | High | 2023-12-15 |
| CVE-2023-48379 | Softnext Mail SQR Expert - Blind Server-Side Request Forgey (SSRF) — Mail SQR Expert CWE-918 | 5.3 | Medium | 2023-12-15 |
| CVE-2023-48378 | Softnext Mail SQR Expert - Path Traversal — Mail SQR Expert CWE-22 | 7.5 | High | 2023-12-15 |
| CVE-2023-24835 | Softnext SPAM SQR - Code Injection — SPAM SQRCWE-94 | 7.2 | High | 2023-03-27 |
This page lists every published CVE security advisory associated with Softnext. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.