QwikSec

Security Database

CVE

CWE

Training

CVE-2016-9920

Published: Dec 8, 2016

Modified: Aug 6, 2024

PUBLISHED

Description

steps/mail/sendmail.inc in Roundcube before 1.1.7 and 1.2.x before 1.2.3, when no SMTP server is configured and the sendmail program is enabled, does not properly restrict the use of custom envelope-from addresses on the sendmail command line, which allows remote authenticated users to execute arbitrary code via a modified HTTP request that sends a crafted e-mail message.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://blog.ripstech.com/2016/roundcube-command-execution-via-email/

x_refsource_MISC

vdb-entry

x_refsource_BID

[oss-security] 20161208 roundcube code execution via mail()

mailing-list

x_refsource_MLIST

https://roundcube.net/news/2016/11/28/updates-1.2.3-and-1.1.7-released

x_refsource_CONFIRM

vendor-advisory

x_refsource_GENTOO

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.