
CVE-2020-36326

CVSS Severity Score: 9.8 (CRITICAL)
EPSS Score: 0.1290%
EPSS Percentile: 14.84th
Published: April 28, 2021
Last Modified: November 21, 2024

Vulnerability Description

PHPMailer 6.1.8 through 6.4.0 allows object injection through Phar Deserialization via addAttachment with a UNC pathname. NOTE: this is similar to CVE-2018-19296, but arose because 6.1.8 fixed a functionality problem in which UNC pathnames were always considered unreadable by PHPMailer, even in safe contexts. As an unintended side effect, this fix eliminated the code that blocked addAttachment exploitation.

Affected Platforms (CPE)

Vendor / Product: Affected versions

Phpmailer Project / Phpmailer: >= 6.1.8 and <= 6.4.0
Wordpress / Wordpress: >= 3.7 and < 3.7.36
Wordpress / Wordpress: >= 3.8 and < 3.8.36
Wordpress / Wordpress: >= 3.9 and < 3.9.34
Wordpress / Wordpress: >= 4.0 and < 4.0.33
Wordpress / Wordpress: >= 4.1 and < 4.1.33
Wordpress / Wordpress: >= 4.2 and < 4.2.30
Wordpress / Wordpress: >= 4.3 and < 4.3.26
Wordpress / Wordpress: >= 4.4 and < 4.4.25
Wordpress / Wordpress: >= 4.5 and < 4.5.24
Wordpress / Wordpress: >= 4.6 and < 4.6.21
Wordpress / Wordpress: >= 4.7 and < 4.7.21
Wordpress / Wordpress: >= 4.8 and < 4.8.17
Wordpress / Wordpress: >= 4.9 and < 4.9.18
Wordpress / Wordpress: >= 5.0 and < 5.0.13
Wordpress / Wordpress: >= 5.1 and < 5.1.10
Wordpress / Wordpress: >= 5.2 and < 5.2.11
Wordpress / Wordpress: >= 5.3 and < 5.3.8
Wordpress / Wordpress: >= 5.4 and < 5.4.6
Wordpress / Wordpress: >= 5.5 and < 5.5.5
Wordpress / Wordpress: >= 5.6 and < 5.6.4
Wordpress / Wordpress: >= 5.7 and < 5.7.2
