CVE-2020-11698 – SpamTitan 7.07 - Unauthenticated Remote Code Execution
https://notcve.org/view.php?id=CVE-2020-11698
An issue was discovered in Titan SpamTitan 7.07. Improper input sanitization of the parameter community on the page snmp-x.php would allow a remote attacker to inject commands into the file snmpd.conf that would allow executing commands on the target server. Se detectó un problema en Titan SpamTitan versión 7.07. Un saneamiento de entrada inapropiada del parámetro community en la página snmp-x.php permitiría a un atacante remoto inyectar comandos en el archivo snmpd.conf que permitiría ejecutar comandos en el servidor de destino SpamTitan version 7.07 suffers from an unauthenticated remote code execution vulnerability in snmp-x.php. • https://www.exploit-db.com/exploits/48856 http://packetstormsecurity.com/files/159470/SpamTitan-7.07-Remote-Code-Execution.html http://packetstormsecurity.com/files/160809/SpamTitan-7.07-Command-Injection.html https://github.com/felmoltor https://sensepost.com/blog/2020/clash-of-the-spamtitan https://twitter.com/felmoltor https://www.spamtitan.com • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVE-2020-11804 – SpamTitan 7.07 - Remote Code Execution (Authenticated)
https://notcve.org/view.php?id=CVE-2020-11804
An issue was discovered in Titan SpamTitan 7.07. Due to improper sanitization of the parameter quid, used in the page mailqueue.php, code injection can occur. The input for this parameter is provided directly by an authenticated user via an HTTP GET request. Se detectó un problema en Titan SpamTitan versión 7.07. Debido a un saneamiento inapropiado del parámetro quid, utilizado en la página mailqueue.php, una inyección de código puede ocurrir. • https://www.exploit-db.com/exploits/48817 http://packetstormsecurity.com/files/159218/SpamTitan-7.07-Remote-Code-Execution.html https://github.com/felmoltor https://sensepost.com/blog/2020/clash-of-the-spamtitan https://twitter.com/felmoltor https://www.spamtitan.com • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2020-11803 – SpamTitan 7.07 - Remote Code Execution (Authenticated)
https://notcve.org/view.php?id=CVE-2020-11803
An issue was discovered in Titan SpamTitan 7.07. Improper sanitization of the parameter jaction when interacting with the page mailqueue.php could lead to PHP code evaluation server-side, because the user-provided input is passed directly to the php eval() function. The user has to be authenticated on the web platform before interacting with the page. Se detectó un problema en Titan SpamTitan versión 7.07. Un saneamiento inapropiado del parámetro jaction cuando interactúa con la página mailqueue.php, podría conllevar a una evaluación del código PHP del lado del servidor, porque la entrada proporcionada por el usuario es pasada directamente a la función php eval(). • https://www.exploit-db.com/exploits/48817 http://packetstormsecurity.com/files/159218/SpamTitan-7.07-Remote-Code-Execution.html https://github.com/felmoltor https://sensepost.com/blog/2020/clash-of-the-spamtitan https://twitter.com/felmoltor https://www.spamtitan.com • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2019-6800
https://notcve.org/view.php?id=CVE-2019-6800
In TitanHQ SpamTitan through 7.03, a vulnerability exists in the spam rule update function. Updates are downloaded over HTTP, including scripts which are subsequently executed with root permissions. An attacker with a privileged network position is trivially able to inject arbitrary commands. En TitanHQ SpamTitan hasta 7.03, existe una vulnerabilidad en la función de actualización de la regla de spam. Las actualizaciones se descargan a través de HTTP, incluidos los scripts que posteriormente se ejecutan con permisos de root. • https://write-up.github.io/CVE-2019-6800 https://www.spamtitan.com/category/spamtitan-news • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVE-2018-15136
https://notcve.org/view.php?id=CVE-2018-15136
TitanHQ SpamTitan before 7.01 has Improper input validation. This allows internal attackers to bypass the anti-spam filter to send malicious emails to an entire organization by modifying the URL requests sent to the application. TitanHQ SpamTitan, en versiones anteriores a la 7.01, tiene una validación de entradas incorrecta. Esto permite a los atacantes internos omitir el filtro antispam para enviar correos maliciosos a todo el personal de una determinada organización modificando las peticiones URL enviadas a la aplicación. • https://www.fwhibbit.es/bypassing-spam-titan-my-first-cve • CWE-20: Improper Input Validation •