Search criteria

1 vulnerability found for GUARDIANWALL MailSuite by Canon Marketing Japan Inc.

JVNDB-2026-000072

Vulnerability from jvndb - Published: 2026-05-13 15:41 - Updated:2026-05-15 15:37
Severity
9.8 (Critical) - cvssV3_0 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
GUARDIANWALL MailSuite vulnerable to stack-based buffer overflow
Details
GUARDIANWALL MailSuite provided by Canon Marketing Japan Inc. contains the following vulnerability.
  • Stack-based buffer overflow in pop3wallpasswd command (CWE-121) - CVE-2026-32661
  • This can be exploited only when the product is configured to run pop3wallpasswd with grdnwww user privilege
The developer states that attacks exploiting the vulnerability has been observed in GUARDIANWALL MailSuite (On-premises version). Canon Marketing Japan Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Canon Marketing Japan Inc. coordinated under the Information Security Early Warning Partnership.
References
Impacted products
Show details on JVN DB website
To clipboard 

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2026/JVNDB-2026-000072.html",
  "dc:date": "2026-05-15T15:37+09:00",
  "dcterms:issued": "2026-05-13T15:41+09:00",
  "dcterms:modified": "2026-05-15T15:37+09:00",
  "description": "GUARDIANWALL MailSuite provided by Canon Marketing Japan Inc. contains the following vulnerability.\u003cul\u003e\u003cli\u003eStack-based buffer overflow in pop3wallpasswd command (CWE-121) - CVE-2026-32661\u003c/li\u003e\u003cli\u003eThis can be exploited only when the product is configured to run pop3wallpasswd with grdnwww user privilege\u003c/li\u003e\u003c/ul\u003eThe developer states that attacks exploiting the vulnerability has been observed in GUARDIANWALL MailSuite (On-premises version).\r\n\r\nCanon Marketing Japan Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN.\r\nJPCERT/CC and Canon Marketing Japan Inc. coordinated under the Information Security Early Warning Partnership.",
  "link": "https://jvndb.jvn.jp/en/contents/2026/JVNDB-2026-000072.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:misc:canon_marketing_japan_guardianwall_mailsuite",
      "@product": "GUARDIANWALL MailSuite",
      "@vendor": "Canon Marketing Japan Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:misc:canon_marketing_japan_guardianwall_mail_security_cloud",
      "@product": "GUARDIANWALL Mail Security Cloud",
      "@vendor": "Canon Marketing Japan Inc.",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "9.8",
    "@severity": "Critical",
    "@type": "Base",
    "@vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
    "@version": "3.0"
  },
  "sec:identifier": "JVNDB-2026-000072",
  "sec:references": [
    {
      "#text": "https://jvn.jp/en/jp/JVN35567473/index.html",
      "@id": "JVN#35567473",
      "@source": "JVN"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2026-32661",
      "@id": "CVE-2026-32661",
      "@source": "CVE"
    },
    {
      "#text": "https://www.jpcert.or.jp/at/2026/at260013.html",
      "@id": "JPCERT-AT-2026-0013",
      "@source": "JPCERT AT"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-119",
      "@title": "Buffer Errors(CWE-119)"
    }
  ],
  "title": "GUARDIANWALL MailSuite vulnerable to stack-based buffer overflow"
}