216.73.217.22

CVE-2025-59689

· Published 19/09/2025 20:15 · Modified 19/09/2025 20:15

Labels: CVE-2025-59689 2025-09-19CVE-2025-59689CWE-77[email protected]

Essential information

Published
19/09/2025 20:15
Modified
19/09/2025 20:15
Author
Creator
CVSS
6.1 MEDIUM (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CVSS metrics

Description

Libraesva ESG 4.5 through 5.5.x before 5.5.7 allows command injection via a compressed e-mail attachment. For ESG 5.0 a fix has been released in 5.0.31. For ESG 5.1 a fix has been released in 5.1.20. For ESG 5.2 a fix has been released in 5.2.31. For ESG 5.4 a fix has been released in 5.4.8. For ESG 5.5. a fix has been released in 5.5.7.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
libraesva / libraesva esg cpe:2.3:a:libraesva:libraesva_esg:4.5:*:*:*:*:*:*:*
libraesva / libraesva esg cpe:2.3:a:libraesva:libraesva_esg:5.0:*:*:*:*:*:*:*
libraesva / libraesva esg cpe:2.3:a:libraesva:libraesva_esg:5.1:*:*:*:*:*:*:*
libraesva / libraesva esg cpe:2.3:a:libraesva:libraesva_esg:5.2:*:*:*:*:*:*:*
libraesva / libraesva esg cpe:2.3:a:libraesva:libraesva_esg:5.4:*:*:*:*:*:*:*
libraesva / libraesva esg cpe:2.3:a:libraesva:libraesva_esg:5.5:*:*:*:*:*:*:*

References