PHPMailer < 5.2.20 Remote Code Execution PoC 0day Exploit (CVE-2016-10045) (Bypass of the CVE-2016-1033 patch) Discovered by Dawid Golunski (@dawid_golunski) http://ift.tt/2fcYckq Desc: I discovered that the current PHPMailer versions (< 5.2.20) were still vulnerable to RCE as it is possible to bypass the currently available patch. This was reported responsibly to the vendor & assigned a CVEID on the 26th of December. The vendor has been working on a new patch which would fix the problem but not break the RFC too badly. The patch should be published very soon. I'm releasing this as a 0day without the new patch available publicly as a potential bypass was publicly discussed on oss-sec list with Solar Designer in the PHPMailer < 5.2.18 thread, so holding the advisory further would serve no purpose. Current advisory URL: http://ift.tt/2ipuIBa PoC exploit URL: http://ift.tt/2ig1Uhm More updates soon at: https://twitter.com/dawid_golunski Stay tuned.
Source: Gmail -> IFTTT-> Blogger
No comments:
Post a Comment