Roundcube virtualmin privilege escalation (CVE-2017-8114)
Medium
I
Internet Bug Bounty
Submitted None
Actions:
Reported by
ilsani
Vulnerability Details
Technical details and impact analysis
# Description
*Password* plugin in its virtualmin driver allows to an attacker, that has a valid username/password to login in his web panel, to execute malicious inputs. This could allow to an attacker to reset victim's password and in some scenarios getting a system shell.
# CVE
CVE-2017-8114
# Details
- https://roundcube.net/news/2017/04/28/security-updates-1.2.5-1.1.9-and-1.0.11
- ████
- https://nvd.nist.gov/vuln/detail/CVE-2017-8114
Related CVEs
Associated Common Vulnerabilities and Exposures
CVE-2017-8114
UNKNOWN
Roundcube Webmail allows arbitrary password resets by authenticated users. This affects versions before 1.0.11, 1.1.x before 1.1.9, and 1.2.x before 1.2.5. The problem is caused by an improperly restricted exec call in the virtualmin and sasl drivers of the password plugin.
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
Command Injection - Generic