JVN#35567473
GUARDIANWALL MailSuite vulnerable to stack-based buffer overflow
Critical

Overview

GUARDIANWALL MailSuite provided by Canon Marketing Japan Inc. contains a stack-based buffer overflow vulnerability.

Products Affected

• GUARDIANWALL MailSuite (On-premises version) Ver 1.4.00 to Ver 2.4.26
• GUARDIANWALL Mail Security Cloud (SaaS version) versions before the maintenance on April 30, 2026

Description

GUARDIANWALL MailSuite provided by Canon Marketing Japan Inc. contains the following vulnerability.

• Stack-based buffer overflow in pop3wallpasswd command (CWE-121)
  • CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N Base Score 9.3
  • CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Base Score 9.8
  • CVE-2026-32661
  • This can be exploited only when the product is configured to run pop3wallpasswd with grdnwww user privilege

Impact

If a remote attacker sends a specially crafted request to the product's web service, arbitrary code may be executed.

Solution

Apply the patch
Apply all the patches provided by the developer.

Note that, GUARDIANWALL Mail Security Cloud (SaaS version) has already been fixed with April 30, 2026 updates.

Apply the Workaround
The developer recommends the users to follow the workaround until applying the patch.

For more details, refer to the information provided by the developer.