ly1g3/Mailcow-CVE-2022-31245

Releases0

Stars12

CVE-2022-31245: RCE and domain admin privilege escalation for Mailcow

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2022-31245 ↗	May 20, 2022Friday, 20 May 2022, 15:15	8.8 HIGH	9 HIGH
mailcow before 2022-05d allows a remote authenticated user to inject OS commands and escalate privileges to domain admin via the --debug option in conjunction with the ---PIPEMESS option in Sync Jobs.