SMTP Smuggling Vulnerability in Postfix Email Server
CVE-2023-51764

5.3MEDIUM

Key Information:

Vendor: Postfix
Status: Postfix
Vendor: CVE Published:; 24 December 2023

Badges

👾 Exploit Exists🟡 Public PoC🟣 EPSS 27%

What is CVE-2023-51764?

An SMTP smuggling vulnerability exists in Postfix through version 3.8.5, allowing remote attackers to exploit improperly configured servers to inject spoofed email messages. This occurs due to the way Postfix handles line feed characters (.), which some other email servers may not recognize. Without proper configuration, such as setting smtpd_data_restrictions to reject_unauth_pipelining and leveraging other configurations, SPF protections can be bypassed. To mitigate these risks, administrators should ensure they are using a Postfix version of at least 3.5.23, 3.6.13, 3.7.9, or 3.8.4, and implement the smtpd_forbid_bare_newline option.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2023-51764
Created by duy-31

CVE-2023-51764
Created by eeenvik1

CVE-2023-51764-POC
Created by d4op

References

https://www.postfix.org/smtp-smuggling.html

https://sec-consult.com/blog/detail/smtp-smuggling-spoofi...

http://www.openwall.com/lists/oss-security/2023/12/24/1

mailing-list

EPSS Score

27% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

🟡
Public PoC available
Jan 5, 2024
👾
Exploit known to exist
Jan 5, 2024
Vulnerability published
Dec 24, 2023
Vulnerability Reserved
Dec 24, 2023

CVE-2023-51764 Data

JSON