Ecosyste.ms: Advisories

Security Advisories: GSA_kwCzR0hTQS02aDc4LTg1djItbW1jaM4AA5CX

PHPMailer Shell command injection

PHPMailer before 1.7.4, when configured to use sendmail, allows remote attackers to execute arbitrary shell commands via shell metacharacters in the SendmailSend function in class.phpmailer.php.

Impact

Shell command injection, remotely exploitable if host application does not filter user data appropriately.

Patches

Fixed in 1.7.4

Workarounds

Filter and validate user-supplied data before putting in the into the Sender property.

References

https://nvd.nist.gov/vuln/detail/CVE-2007-3215

For more information

If you have any questions or comments about this advisory:

• Open a private issue in the PHPMailer project

Permalink: https://github.com/advisories/GHSA-6h78-85v2-mmch
JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS02aDc4LTg1djItbW1jaM4AA5CX
Source: GitHub Advisory Database
Origin: Unspecified
Severity: High
Classification: General
Published: 12 months ago
Updated: 12 months ago

EPSS Percentage: 0.01923
EPSS Percentile: 0.88296

Identifiers: GHSA-6h78-85v2-mmch, CVE-2007-3215
References:

• https://github.com/PHPMailer/PHPMailer/security/advisories/GHSA-6h78-85v2-mmch
• https://cxsecurity.com/issue/WLB-2007060063
• https://exchange.xforce.ibmcloud.com/vulnerabilities/34818
• https://seclists.org/fulldisclosure/2011/Oct/223
• https://sourceforge.net/p/phpmailer/bugs/192/
• https://web.archive.org/web/20070714054359/http://larholm.com/2007/06/11/phpmailer-0day-remote-execution/
• https://yehg.net/lab/pr0js/advisories/%5BvTiger_5.2.1%5D_rce
• https://github.com/advisories/GHSA-6h78-85v2-mmch

Repository: https://github.com/PHPMailer/PHPMailer
Blast Radius: 0.0

Affected Packages