
CVE-2016-9920

Published: 08/12/2016 Updated: 01/07/2017
CVSS v2 Base Score: 6 | Impact Score: 6.4 | Exploitability Score: 6.8
CVSS v3 Base Score: 7.5 | Impact Score: 5.9 | Exploitability Score: 1.6
VMScore: 534
Vector: AV:N/AC:M/Au:S/C:P/I:P/A:P

Vulnerability Summary

steps/mail/sendmail.inc in Roundcube prior to 1.1.7 and 1.2.x prior to 1.2.3, when no SMTP server is configured and the sendmail program is enabled, does not properly restrict the use of custom envelope-from addresses on the sendmail command line, which allows remote authenticated users to execute arbitrary code via a modified HTTP request that sends a crafted e-mail message. The From address taken from the compose request is handed to the local sendmail binary as its -f (envelope sender) option without validation, so whitespace inside the address lets the sender append further sendmail options. Only installations that deliver through the sendmail binary are exposed: deployments that relay through a configured SMTP server (smtp_server in config.inc.php) never build that command line. The fix shipped in 1.1.7 and 1.2.3.
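The following PHP is an added illustration and is not Roundcube's code or the project's fix. It shows the vulnerable shape described above (a user-supplied address concatenated into the fifth argument of PHP's mail()) next to a hardened version that validates the envelope-from before it is used. Function names, the fallback-identity parameter and the sample malicious input are all constructed for this example.

```php
<?php
// Added example, not Roundcube's own code. Demonstrates why an unchecked
// envelope-from becomes extra sendmail arguments, and one way to validate it
// before it reaches mail(). Function names are illustrative.

// Vulnerable pattern: the address from the request is concatenated straight
// into the string that mail() receives as additional_params. mail() applies
// escapeshellcmd()-style escaping to that string, which neutralises quotes
// and characters such as ; | & but leaves spaces alone, so
// "addr -X/path" reaches sendmail as two separate options.
function sendmail_params_vulnerable(string $from): string
{
    return '-f' . $from;
}

// Hardened: accept exactly one well-formed bare address and nothing else.
function is_safe_envelope_from(string $from): bool
{
    if ($from === '' || strlen($from) > 254) {
        return false;
    }
    // Whitespace, control characters, quotes, angle brackets and backslashes
    // have no place in a bare envelope address; reject them outright.
    if (preg_match('/[\s\x00-\x1f"\'<>\\\\]/', $from) === 1) {
        return false;
    }
    return filter_var($from, FILTER_VALIDATE_EMAIL) !== false;
}

// When the submitted address does not validate, fall back to a trusted one
// (for instance the user's configured identity) rather than trusting the request.
function sendmail_params_hardened(string $from, string $trusted_fallback): string
{
    $addr = is_safe_envelope_from($from) ? $from : $trusted_fallback;
    return '-f' . $addr;
}

// Constructed input: a valid address followed by an injected -X option
// (sendmail's transcript log file), the kind of argument a crafted compose
// request can smuggle in. Path and addresses are made up for this example.
$malicious = 'alice@example.com -X/var/www/html/shell.php';
$identity  = 'alice@example.com';

echo "vulnerable: ", sendmail_params_vulnerable($malicious), "\n";
echo "hardened:   ", sendmail_params_hardened($malicious, $identity), "\n";
```

Run it with `php example.php`: the vulnerable line carries the injected option through, the hardened line is reduced to the trusted identity. Quoting with escapeshellarg() is not a substitute for this check, because mail() applies its own escaping to the parameter string and the added quotes would be mangled; validating the address is the reliable control. Configuring an SMTP server so that the sendmail binary is never invoked removes the command line entirely.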


roundcube webmail

roundcube webmail 1.2.0
roundcube webmail 1.2.1
roundcube webmail 1.2.2

Vendor Advisories

Debian Bug report logs - #847287 roundcube: CVE-2016-9920: Remote command execution via malicious email composing. Package: roundcube; Maintainer for roundcube is Debian Roundcube Maintainers <pkg-roundcube-maintainers@lists.alioth.debian.org>; Source for roundcube is src:roundcube (PTS, buildd, popcon). Reported by: Juan Ross ...

Github Repositories

Roundcube 1.0.0 <= 1.2.2 Remote Code Execution exploit and vulnerable container

Roundcube 1.0.0 <= 1.2.2 Remote Code Execution. Roundcube is a widely distributed open-source webmail software used by many organizations and companies around the globe. The mirror on SourceForge, for example, counts more than 260,000 downloads in the last 12 months, which is only a small fraction of the actual users. Once Roundcube is installed on a server, it provides a