 |
| PHPMailer Flaw |
Researcher reported vulnerability (CVE-2016-10033 ) that allows an attacker to remotely execute arbitrary code in the context of the web server and compromise the target web application to PHPMailer team and fixed it in their new update 5.2.18. To exploit this issue attacker doesn't need any special function or interaction, According to him
"To exploit the vulnerability an attacker could target common website components such as contact/feedback forms, registration forms, password email resets and others that send out emails with the help of a vulnerable version of the PHPMailer class,"
Golnuski didn't make full disclosure about the bug, no technical detail is published but he clearly stated that
"The researcher also developed an Unauthenticated RCE exploit for a popular open-source application (deployed on the Internet on more than a million servers) as a PoC for real-world exploitation. It might be published after the vendor has fixed the vulnerabilities"He published video POC (proof of concept) alomg with his advisory to give hints to this attack.
Who are vulnerable?
Over 9 million websites and popular open source cms such as WordPress, Drupal, 1CRM, SugarCRM, Yii, joomla etc are vulnerable to attack. Or Simply these CMS come up with preloaded PHPMailer are vulnerable, All the webapp are vulnerable which is using PHPMailer version lower than 5.2.18.How To Fix Remote Exploit (RCE) on PHPMailer?
Basically you need to update your PhpMailer to latest version. PhpMailer released a critical security release of PHPMailer 5.2.18 to patch this vulnerability. You can smell these from Changelog and Security. So the all PHP developer Web Admins are advised to update and patch your vulnerable PHPMailer to get rid of this issue.Source: Thehackernews
December 27, 2016
Tags :
news
,
php
,
PHPMailer
Subscribe by Email
Follow Updates Articles from This Blog via Email
No Comments