dark
Hand-Picked Top-Read Stories
Trending Tags
2 minute read

Mailcow Mail Server Flaws Expose Servers to Remote Code Execution

Avatar
June 19, 2024
Two security vulnerabilities have been disclosed in the Mailcow open-source mail server suite that could be exploited by malicious actors to achieve arbitrary code execution on susceptible instances. Both shortcomings impact all versions of the software prior to version 2024-04, which was released on April 4, 2024. The issues were responsibly disclosed by SonarSource on March 22, 2024. The flaws
Total
0
Shares
0
0
0
[[{“value”:”

Two security vulnerabilities have been disclosed in the Mailcow open-source mail server suite that could be exploited by malicious actors to achieve arbitrary code execution on susceptible instances.

Both shortcomings impact all versions of the software prior to version 2024-04, which was released on April 4, 2024. The issues were responsibly disclosed by SonarSource on March 22, 2024.

The flaws, rated Moderate in severity, are listed below –

CVE-2024-30270 (CVSS score: 6.7) – A path traversal vulnerability impacting a function named “rspamd_maps()” that could result in the execution of arbitrary commands on the server by allowing a threat actor to overwrite any file that’s can be modified with the “www-data” user
CVE-2024-31204 (CVSS score: 6.8) – A cross-site scripting (XSS) vulnerability via the exception handling mechanism when not operating in the DEV_MODE

The second of the two flaws is rooted in the fact that it saves details of the exception sans any sanitization or encoding, which are then rendered into HTML and executed as JavaScript within the users’ browser.

As a result, an attacker could take advantage of the scenario to inject malicious scripts into the admin panel by triggering exceptions with specially crafted input, effectively allowing them to hijack the session and perform privileged actions in the context of an administrator.

Put differently, by combining the two flaws, it’s possible for a malicious party to take control of accounts on a Mailcow server and gain access to sensitive data as well as execute commands.

In a theoretical attack scenario, a threat actor can craft an HTML email containing a CSS background image which is loaded from a remote URL, using it to trigger the execution of an XSS payload.

“An attacker can combine both vulnerabilities to execute arbitrary code on the admin panel server of a vulnerable mailcow instance,” SonarSource vulnerability researcher Paul Gerste said.

“The requirement for this is that an admin user views a malicious email while being logged into the admin panel. The victim does not have to click a link inside the email or perform any other interaction with the email itself, they only have to continue using the admin panel after viewing the email.”

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.

“}]] The Hacker News 

Total
0
Shares
Share 0
Tweet 0
Share 0
Share 0
Share 0
Leave a Reply

Your email address will not be published. Required fields are marked *

Previous Post

CISO Melbourne

June 18, 2024
Next Post

UNC3886 Uses Fortinet, VMware 0-Days and Stealth Tactics in Long-Term Spying

June 19, 2024
Related Posts
2 min

New Spectre-Style ‘Pathfinder’ Attack Targets Intel CPU, Leak Encryption Keys and Data

Researchers have discovered two novel attack methods targeting high-performance Intel CPUs that could be exploited to stage a key recovery attack against the Advanced Encryption Standard (AES) algorithm. The techniques have been collectively dubbed Pathfinder by a group of academics from the University of California San Diego, Purdue University, UNC Chapel
Omega Balla
Omega Balla
May 8, 2024
Read More