6 matches found
CVE-2022-31138
mailcow is a mailserver suite. Prior to mailcow-dockerized version 2022-06a, an extended privilege vulnerability can be exploited by manipulating the custom parameters regexmess, skipmess, regexflag, delete2foldersonly, delete2foldersbutnot, regextrans2, pipemess, or maxlinelengthcmd to execute...
CVE-2022-31138 OS Command Injection in mailcow
mailcow is a mailserver suite. Prior to mailcow-dockerized version 2022-06a, an extended privilege vulnerability can be exploited by manipulating the custom parameters regexmess, skipmess, regexflag, delete2foldersonly, delete2foldersbutnot, regextrans2, pipemess, or maxlinelengthcmd to execute...
CVE-2022-31138
CVE-2022-31138 affects mailcow-dockerized prior to version 2022-06a, where an extended privilege vulnerability allows code execution via user-controlled imapsync parameters such as regexmess, skipmess, regexflag, delete2foldersonly, delete2foldersbutnot, regextrans2, pipemess, or maxlinelengthcmd...
CVE-2022-31138 OS Command Injection in mailcow
mailcow is a mailserver suite. Prior to mailcow-dockerized version 2022-06a, an extended privilege vulnerability can be exploited by manipulating the custom parameters regexmess, skipmess, regexflag, delete2foldersonly, delete2foldersbutnot, regextrans2, pipemess, or maxlinelengthcmd to execute...
CVE-2022-31138 OS Command Injection in mailcow
mailcow is a mailserver suite. Prior to mailcow-dockerized version 2022-06a, an extended privilege vulnerability can be exploited by manipulating the custom parameters regexmess, skipmess, regexflag, delete2foldersonly, delete2foldersbutnot, regextrans2, pipemess, or maxlinelengthcmd to execute...
CVE-2022-31138
creationtimestamp| type| source ---|---|--- 2022-07-11 07:05:49+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/2676 2022-07-11 18:21:54+00:00| seen| https://t.me/cibsecurity/45932 2022-07-12 11:00:26+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/6380...