Description
Roundcube Webmail before 1.5.10 and 1.6.x before 1.6.11 allows remote code execution by authenticated users because the _from parameter in a URL is not validated in program/actions/settings/upload.php, leading to PHP Object Deserialization.
A flaw was found in Roundcube Webmail. This vulnerability allows remote code execution by authenticated users via PHP object deserialization through the unvalidated _from parameter in upload.php.
Statement
Red Hat has evaluated this vulnerability and its related components. No products are affected as Roundcube Webmail is not shipped in the Red Hat Product Portfolio.
Mitigation
To mitigate this vulnerability, update Roundcube Webmail to version 1.5.10 (1.5.x branch) or 1.6.11 (1.6.x branch). These releases address the issue by properly validating the _from parameter in program/actions/settings/upload.php.
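When triaging an inventory of Roundcube instances against this advisory, the only thing the text gives you is two version ranges: "before 1.5.10" and "1.6.x before 1.6.11". The following is an added example, not Roundcube's or Red Hat's code, that encodes exactly those ranges and nothing more: versions the advisory does not mention (a 1.7.x release, a pre-release suffix such as "-rc1", or an unparseable string) are reported as "unknown" rather than silently declared safe. The host names and version strings in the inventory are constructed sample data.

```python
"""Affected-version triage for the Roundcube _from / upload.php advisory.

Added example (not project code). Encodes only the two ranges the advisory
states: "before 1.5.10" and "1.6.x before 1.6.11".
"""

import re
from typing import Optional

# First fixed release in each branch named by the advisory.
FIXED_1_5 = (1, 5, 10)
FIXED_1_6 = (1, 6, 11)

# Leading MAJOR.MINOR.PATCH, plus whatever trails it (e.g. "-rc1").
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(.*)$")


def parse_version(text: str) -> Optional[tuple[int, int, int]]:
    """Return (major, minor, patch) for a plain release string, else None.

    Pre-release or otherwise suffixed strings return None on purpose: the
    advisory speaks only about numbered releases, so "1.6.11-rc1" cannot be
    assumed to contain the fix.
    """
    m = _VERSION_RE.match(text.strip())
    if not m or m.group(4):
        return None
    return int(m.group(1)), int(m.group(2)), int(m.group(3))


def is_affected(version: str) -> Optional[bool]:
    """True  -> inside an affected range stated by the advisory.
    False -> at or after the fix release of the 1.5 or 1.6 branch.
    None  -> the advisory does not cover this string; check manually.
    """
    v = parse_version(version)
    if v is None:
        return None
    if v[:2] == (1, 6):
        return v < FIXED_1_6            # "1.6.x before 1.6.11"
    if v < FIXED_1_5:
        return True                     # "before 1.5.10" includes 1.4.x and older
    if v[:2] == (1, 5):
        return False                    # 1.5.10 or later on the 1.5 branch
    return None                         # 1.7.x and beyond: not mentioned


def triage(inventory: dict[str, str]) -> dict[str, str]:
    """Map host -> 'affected' | 'fixed' | 'unknown' for a {host: version} dict."""
    labels = {True: "affected", False: "fixed", None: "unknown"}
    return {host: labels[is_affected(ver)] for host, ver in inventory.items()}


# Constructed sample inventory, not real hosts.
SAMPLE_INVENTORY = {
    "mail-a.example.test": "1.6.10",
    "mail-b.example.test": "1.6.11",
    "mail-c.example.test": "1.5.9",
    "mail-d.example.test": "1.4.15",
    "mail-e.example.test": "1.7.0",
    "mail-f.example.test": "1.6.11-rc1",
}

if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host:22s} {SAMPLE_INVENTORY[host]:12s} {status}")
```

Anything reported as "unknown" needs a human look: a 1.7.x build is outside the advisory's scope, and a pre-release string should be compared against the project's own changelog rather than assumed fixed.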
EPSS:
CVSS3: 9.9 (Critical)
Related vulnerabilities
Roundcube Webmail Vulnerable to Authenticated RCE via PHP Object Deserialization
A vulnerability in the RoundCube Webmail mail client, related to flaws in the deserialization mechanism when handling the _from parameter, that allows an attacker to execute arbitrary code.