CVE-2024-3196 | MailCleaner up to 2023.03.14 SOAP Service getStats os command injection (MZ-24-01)

Inserito da Angelo Barbosa | Apr 29, 2024 | CVE

A vulnerability was found in MailCleaner up to 2023.03.14. It has been declared as critical. This vulnerability affects unknown code of the file /mailcleaner.php/getStats of the component SOAP Service. The manipulation leads to os command injection.

This vulnerability was named CVE-2024-3196. Local access is required to approach this attack. Furthermore, there is an exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2024-3196 | MailCleaner up to 2023.03.14 SOAP Service getStats os command injection (MZ-24-01)

Post correlati

CVE-2023-27150 | openCRX 5.2.0 Manage Activity Name cross site scripting

CVE-2024-6777 | Google Chrome up to 126.0.6478.126 Navigation use after free (ID 345640)

CVE-2024-9878 | 10Web Photo Gallery Plugin up to 1.8.30 on WordPress cross site scripting

CVE-2024-34481 | Drupal Wiki 8.30/8.31.0 Page cross site scripting