CVE-2024-3191

MailCleaner Email os command injection

Description

A vulnerability, which was classified as critical, has been found in MailCleaner up to 2023.03.14. This issue affects some unknown processing of the component Email Handler. The manipulation leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-262307.

INFO

Published Date :

2024-04-29T06:21:47.288Z

Last Modified :

2024-08-27T17:34:56.094Z

Source :

VulDB

AFFECTED PRODUCTS

The following products are affected by CVE-2024-3191 vulnerability.

Vendors	Products
Mailcleaner	Mailcleaner

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-3191.

URL	Resource
https://github.com/MailCleaner/MailCleaner/pull/601
https://modzero.com/en/advisories/mz-24-01-mailcleaner/
https://modzero.com/static/MZ-24-01_modzero_MailCleaner.pdf
https://vuldb.com/?ctiid.262307
https://vuldb.com/?id.262307

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact

Detailed values of each vector for above chart.

Access Vector

Access Complexity

Authentication

Confidentiality Impact

Integrity Impact

Availability Impact