Vulnerability Details : CVE-2020-12641
rcube_image.php in Roundcube Webmail before 1.4.4 allows attackers to execute arbitrary code via shell metacharacters in a configuration setting for im_convert_path or im_identify_path.
Vulnerability category: Execute code
Products affected by CVE-2020-12641
- cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*
- cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*
- cpe:2.3:a:opensuse:backports_sle:15.0:sp2:*:*:*:*:*:*
- cpe:2.3:a:roundcube:webmail:*:*:*:*:*:*:*:*
- cpe:2.3:a:roundcube:webmail:*:*:*:*:*:*:*:*
- cpe:2.3:a:roundcube:webmail:*:*:*:*:*:*:*:*
CVE-2020-12641 is in the CISA Known Exploited Vulnerabilities Catalog
CISA vulnerability name:
Roundcube Webmail Remote Code Execution Vulnerability
CISA required action:
Apply updates per vendor instructions.
CISA description:
Roundcube Webmail contains an remote code execution vulnerability that allows attackers to execute code via shell metacharacters in a configuration setting for im_convert_path or im_identify_path.
Notes:
https://roundcube.net/news/2020/04/29/security-updates-1.4.4-1.3.11-and-1.2.10; https://nvd.nist.gov/vuln/detail/CVE-2020-12641
Added on
2023-06-22
Action due date
2023-07-13
Exploit prediction scoring system (EPSS) score for CVE-2020-12641
12.70%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 96 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2020-12641
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST | |
9.8
|
CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
NIST |
CWE ids for CVE-2020-12641
-
The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.Assigned by: nvd@nist.gov (Primary)
References for CVE-2020-12641
-
https://github.com/roundcube/roundcubemail/compare/1.4.3...1.4.4
Comparing 1.4.3...1.4.4 · roundcube/roundcubemail · GitHubRelease Notes;Third Party Advisory
-
https://github.com/roundcube/roundcubemail/releases/tag/1.4.4
Release Roundcube Webmail 1.4.4 · roundcube/roundcubemail · GitHubRelease Notes;Third Party Advisory
-
https://security.gentoo.org/glsa/202007-41
Roundcube: Multiple vulnerabilities (GLSA 202007-41) — Gentoo securityThird Party Advisory
-
https://github.com/roundcube/roundcubemail/commit/fcfb099477f353373c34c8a65c9035b06b364db3
Fix remote code execution via crafted 'im_convert_path' or 'im_identi… · roundcube/roundcubemail@fcfb099 · GitHubPatch;Third Party Advisory
-
https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2020-12641-Command%20Injection-Roundcube
Disclosures/CVE-2020-12641-Command Injection-Roundcube at master · DrunkenShells/Disclosures · GitHubExploit;Third Party Advisory
-
https://roundcube.net/news/2020/04/29/security-updates-1.4.4-1.3.11-and-1.2.10
Security updates 1.4.4, 1.3.11 and 1.2.10 releasedRelease Notes;Vendor Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00083.html
[security-announce] openSUSE-SU-2020:1516-1: moderate: Security update fMailing List;Third Party Advisory
Jump to