-
CVE-2021-26292 - Public Full Path Disclosure on AfterLogic Aurora & WebMail Pro WebDAV EndPoint
-
CVE-2021-26293 - [9.8 CRITICAL] RCE via Public unrestricted upload with path traversal on AfterLogic Aurora & WebMail Pro WebDAV EndPoint
-
CVE-2021-26294 - [7.5 HIGH] Exposure of sensitive information to an unauthorized actor with path traversal on AfterLogic Aurora & WebMail Pro WebDAV EndPoint
- Emre KELEŞ - @emrekeles on twitter
- Emircan YILDIZ - @scorpsec on twitter
- Halil Emre ÖZEN - @halilemreozen on twitter
Afterlogic Corp. is an award-winning technological company creating world-leading email and telecommunications components, software and platforms since 2002
Source : AfterLogic Home Page
- Carnegie Mellon University
- CERN
- Edinburgh University
- Harvard University
- UCLA
- University of Liverpool
- University of Montreal> - Also: Howard University, New Jersey City University, New Mexico State University, North Central University, UNCA, Universidad de Granada, University of Idaho, University of Minnesota, University of Rochester Medical Center, Weber State University, and even Jesus Loves Me Preschool :-)
- AirBus
- Akna
- Alcatel-Lucent
- AOL
- AT&T
- Ballou Internet Services
- Bank of Montreal
- Bechtel
- Bell Mobility
- Berkeley University
- Bosch
- British Transport Police
- Carnegie Mellon University
- Cellcom Israel
- Centers for Disease Control and Prevention
- CentiaCRM
- CERN
- Chamber of Deputies
- Cisco Systems
- CMA CGM
- ColombiaHosting
- Compliance
- Datawatch
- Delaware Technical & Community College
- Dell
- Diocese de Monaco
- Edinburgh University
- European Molecular Biology Laboratory
- Federal State Institution Russian State Library
- Freescale Semiconductor
- Fuji Xerox
- GCT
- General Electric
- Go Daddy
- Government of Latvia
- Government of Romania
- Government of Saskatchewan, Canada
- Government of South Australia
- Government Organizations
- Harvard University
- Hewlett-Packard
- HITACHI
- Hosting Australia
- Iberweb
- IBM
- Insurance House Company
- Intuit Inc.
- iShare Medical
- Konica Minolta
- Lockheed Martin
- LSI Logic
- McAfee
- Mchost
- McKesson
- Miele
- Mogo Finance
- MOTOROLA
- National Blood Service
- NEC Corporation
- Netcore
- New Zealand Parliament
- Nuevo
- Pfizer
- Philips
- Public Internet
- Rackspace
- Rackspace
- Razorfish
- Ricoh
- SAAB
- Siemens AG
- Sony Ericsson
- Sophos
- SpaceLink
- Stack Overflow
- Sweden Democrats
- Synchronous ERP
- T-Mobile Deutschland
- Telecom Scandinavia A/S
- The Bank of New York
- The German Parliament
- The Royal Bank of Scotland
- Time Inc
- Transport Canada
- Tucows
- United Communication Service International Group
- Verizon
- VMware
- Vodafone
- Volvo
- Wells Fargo
- Wells Fargo
- Xerox
- Yandex
- Yippy
- York University
- Zimmer Intermed
Also
- American Psychiatric Association
- Apostle Paul Ministries
- Cinemark
- DevASP.com
- Doctors.net.uk
- Dow Jones
- Fujicolor
- Horizon Bank
- Illinois Criminal Justice Authority
- Insight
- ManTech International Corporation
- Military Parts Corp
- National Marrow Donor Program
- Neste Oil
- Network America
- Propaganda Promotions
- PUKKAspace web hosting
- Quest Software
- SADAFCO
- Software Spectrum
- Trend Micro
- Trident Systems
- USOnline
- VisionAIR
- Worldwide Church of God
- and many others
Sources :