CVE-2016-10033
critical-risk
Published 2016-12-30
The mailSend function in the isMail transport in PHPMailer before 5.2.18 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code via a \" (backslash double quote) in a crafted Sender property.
Do I need to act?
!
94.5% chance of exploitation in next 30 days
EPSS score — higher than 6% of all CVEs
!
CISA KEV: actively exploited in the wild
On the Known Exploited Vulnerabilities catalog — federal agencies must patch
+
Fix available
Upgrade to: ed4e7ce8ad877a8f578139c491c256ab1933c7c9
9
CVSS 9.8/10
Critical
NETWORK
/ LOW complexity
Affected Vendors
References (43)
Mailing List
http://seclists.org/fulldisclosure/2016/Dec/78
Broken Link
http://www.securityfocus.com/bid/95108
Broken Link
http://www.securitytracker.com/id/1037533
Third Party Advisory
https://developer.joomla.org/security-centre/668-20161205-phpmailer-security-adv...
Third Party Advisory
https://www.drupal.org/psa-2016-004
and 23 more references
75
/ 100
critical-risk
Severity
32/34 · Critical
Exploitability
34/34 · Critical
Exposure
9/34 · Low