Email Stealing Vulnerability in Roundcube
CVE-2024-42008
Key Information:
Badges
What is CVE-2024-42008?
A Cross-Site Scripting (XSS) vulnerability exists in the rcmail_action_mail_get->run() function of Roundcube Webmail, affecting versions up to 1.6.7 and 1.5.7. This vulnerability enables a remote attacker to compromise the email account of a victim by exploiting a malicious email attachment that contains an unsafe Content-Type header. Successful exploitation can lead to unauthorized access to the victim's emails, allowing attackers to send and potentially steal sensitive information.
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
News Articles
Security AffairsCritical XSS bug in Roundcube Webmail allows attackers to steal emails and sensitive data
Researchers warn of flaws in the Roundcube webmail software that could be exploited to steal sensitive information from target accounts.
Help Net SecurityRoundcube flaws allow easy email account compromise (CVE-2024-42009, CVE-2024-42008) - Help Net Security
Roundcube XSS vulnerabilities (CVE-2024-42009, CVE-2024-42008) could be exploited to steal users' emails and contacts, and send emails.
References
CVSS V3.1
Timeline
- 🟡
Public PoC available
- 👾
Exploit known to exist
- 📰
First article discovered by Help Net Security
Vulnerability published
Vulnerability Reserved