Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
410
VMScore

CVE-2017-16651

Published: 09/11/2017 Updated: 04/03/2021
CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 410
Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Webmail

Vulnerability Summary

Roundcube Webmail prior to 1.1.10, 1.2.x prior to 1.2.7, and 1.3.x prior to 1.3.3 allows unauthorized access to arbitrary files on the host's filesystem, including configuration files, as exploited in the wild in November 2017. The attacker must be able to authenticate at the target system with a valid username/password as the attack requires an active session. The issue is related to file-based attachment plugins and _task=settings&_action=upload-display&_from=timezone requests.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

roundcube webmail 1.3.0

roundcube webmail 1.2.5

roundcube webmail

roundcube webmail 1.3.2

roundcube webmail 1.2.3

roundcube webmail 1.2.2

roundcube webmail 1.2.1

roundcube webmail 1.2.0

roundcube webmail 1.3.1

roundcube webmail 1.2.6

roundcube webmail 1.2.4

debian debian linux 9.0

debian debian linux 7.0

Vendor Advisories

Debian Security Advisories: DSA-4030-1 roundcube -- security update
A file disclosure vulnerability was discovered in roundcube, a skinnable AJAX based webmail solution for IMAP servers An authenticated attacker can take advantage of this flaw to read roundcube's configuration files For the stable distribution (stretch), this problem has been fixed in version 123+dfsg1-4+deb9u1 For the unstable distribution ( ...
Arch Linux Issues:
Roundcube Webmail 13x before 133 allows unauthorized access to arbitrary files on the host's filesystem, including configuration files, as exploited in the wild in November 2017 The attacker must be able to authenticate at the target system with a valid username/password as the attack requires an active session The issue is related to file-ba ...

Exploits

Exploit DB: Roundcube Webmail 1.2 File Disclosure
Roundcube Webmail version 12 suffers from a file disclosure vulnerability ...

Github Repositories

https://github.com/stonepresto/CVE-2017-16651

Python implementation of Roundcube LFI (CVE-2017-16651)

CVE-2017-16651 Python implementation of Roundcube LFI (CVE-2017-16651)

https://github.com/sephiroth950911/CVE-2017-16651-Exploit

CyberPunk Style CVE-2017-16651 Roundcube Webmail Exploit

CVE-2017-16651-Exploit CyberPunk Style CVE-2017-16651 Roundcube Webmail Exploit

References

CWE-552https://roundcube.net/news/2017/11/08/security-updates-1.3.3-1.2.7-and-1.1.10https://github.com/roundcube/roundcubemail/releases/tag/1.3.3https://github.com/roundcube/roundcubemail/releases/tag/1.2.7https://github.com/roundcube/roundcubemail/releases/tag/1.1.10https://github.com/roundcube/roundcubemail/issues/6026https://www.debian.org/security/2017/dsa-4030http://www.securityfocus.com/bid/101793https://lists.debian.org/debian-lts-announce/2017/11/msg00039.htmlhttp://packetstormsecurity.com/files/161226/Roundcube-Webmail-1.2-File-Disclosure.htmlhttps://nvd.nist.govhttps://www.debian.org/security/./dsa-4030https://github.com/stonepresto/CVE-2017-16651
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
brute forceCVE-2024-24908open redirectCVE-2024-31497CVE-2023-45866CVE-2024-4135CVE-2024-25523cache poisoningCVE-2024-4649
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook