CVE-2022-31138
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
mailcow is a mailserver suite. Prior to mailcow-dockerized version 2022-06a, an extended privilege vulnerability can be exploited by manipulating the custom parameters regexmess, skipmess, regexflag, delete2foldersonly, delete2foldersbutnot, regextrans2, pipemess, or maxlinelengthcmd to execute arbitrary code. Users should update their mailcow instances with the update.sh script in the mailcow root directory to 2022-06a or newer to receive a patch for this issue. As a temporary workaround, the Syncjob ACL can be removed from all mailbox users, preventing changes to those settings.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| mailcow | mailcow-dockerized | < 2022-06a | affected |
Weaknesses
- CWE-78: CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
ADP Enrichment
CVE Program Container
Additional References
- https://github.com/mailcow/mailcow-dockerized/security/advisories/GHSA-vx9w-h33p-5vhc
- https://github.com/mailcow/mailcow-dockerized/commit/d373164e13a14e058f82c9f1918a5612f375a9f9
- https://github.com/ly1g3/Mailcow-CVE-2022-31138
- https://github.com/mailcow/mailcow-dockerized/releases/tag/2022-06a
CISA ADP Vulnrichment
- SSVC:
- Exploitation: poc
- Automatable: no
- Technical Impact: total
References
- https://github.com/mailcow/mailcow-dockerized/security/advisories/GHSA-vx9w-h33p-5vhc
- https://github.com/mailcow/mailcow-dockerized/commit/d373164e13a14e058f82c9f1918a5612f375a9f9
- https://github.com/ly1g3/Mailcow-CVE-2022-31138
- https://github.com/mailcow/mailcow-dockerized/releases/tag/2022-06a
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.