GUARDIANWALL MailSuite and Mail Security Cloud Stack-Based Buffer Overflow Vulnerability

A stack-based buffer overflow vulnerability has been identified in GUARDIANWALL MailSuite (versions 1.4.00 to 2.4.26) and GUARDIANWALL Mail Security Cloud (SaaS version, prior to the April 30, 2026 maintenance). This vulnerability allows remote attackers to execute arbitrary code by sending specially crafted requests to the product's web service, but only when GUARDIANWALL MailSuite is configured to run the 'pop3wallpasswd' command with 'grdnwww' user privileges.

Impact

Exploitation of this vulnerability could lead to arbitrary code execution on the affected system.

Remediation

Users of GUARDIANWALL MailSuite should apply the available patch. Instructions for patching have been sent to users via their support contact. GUARDIANWALL Mail Security Cloud users do not need to take action, as the vulnerability has already been addressed in the April 30, 2026 update.