Server-Side Request Forgery Vulnerability in FreeScout Help Desk
CVE-2026-40566

4.1 MEDIUM

Key Information:

CVE Published:
21 April 2026

What is CVE-2026-40566?

FreeScout is a self-hosted help desk solution. In versions prior to 1.8.213, the IMAP/SMTP connection tests handled by the MailboxesController pass the user-supplied server address to fsockopen() without validating it. An attacker who already holds admin privileges can therefore use the connection test to scan the internal network, telling open ports on internal services apart from closed ones. When the test is pointed at a service that is not an IMAP server, details about that service may be logged and returned in the response, giving the attacker further insight into the internal network. Users are advised to upgrade to version 1.8.213 or later to mitigate this risk.
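The root cause described above is a connection test that trusts whatever host and port an admin types in. The following is an added example of the kind of validation that closes that gap; it is not FreeScout's own code and not the project's actual fix, and the helper names (isPublicIp, resolvePublicAddresses, openMailSocket) and the port allowlist are assumptions. It resolves the target, refuses any address in private or reserved ranges, connects to the vetted IP rather than the name, and keeps connection errors out of the response so the test cannot serve as a port oracle.

```php
<?php
// Added example, not FreeScout's own code or its actual fix: a hardening
// check that vets a user-supplied mail server host and port before any
// socket is opened. Helper names and the port allowlist are assumptions.

const ALLOWED_MAIL_PORTS = [25, 143, 465, 587, 993];

/**
 * True if $ip is a valid IPv4/IPv6 literal outside the private ranges
 * (RFC 1918, fc00::/7) and the reserved ranges PHP's filter knows about
 * (0.0.0.0/8, 127.0.0.0/8, 169.254.0.0/16, 240.0.0.0/4, ::1, fe80::/10).
 * 100.64.0.0/10 (CGNAT) is not covered by these flags; add it if relevant.
 */
function isPublicIp(string $ip): bool
{
    return filter_var(
        $ip,
        FILTER_VALIDATE_IP,
        FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE
    ) !== false;
}

/**
 * Resolve $host to its A/AAAA addresses and refuse the whole target if any
 * of them is non-public. Every record is checked, not just the first, so a
 * name that mixes public and internal answers is still rejected.
 */
function resolvePublicAddresses(string $host): array
{
    if (filter_var($host, FILTER_VALIDATE_IP) !== false) {
        // Bare IP literal: no DNS lookup needed.
        if (!isPublicIp($host)) {
            throw new InvalidArgumentException('Target address is not public.');
        }
        return [$host];
    }
    if (filter_var($host, FILTER_VALIDATE_DOMAIN, FILTER_FLAG_HOSTNAME) === false) {
        throw new InvalidArgumentException('Target host is not a valid hostname.');
    }

    $addresses = [];
    foreach (dns_get_record($host, DNS_A + DNS_AAAA) ?: [] as $record) {
        $addresses[] = $record['ip'] ?? $record['ipv6'];
    }
    if ($addresses === []) {
        throw new InvalidArgumentException('Target host does not resolve.');
    }
    foreach ($addresses as $ip) {
        if (!isPublicIp($ip)) {
            throw new InvalidArgumentException('Target host resolves to a non-public address.');
        }
    }
    return $addresses;
}

/**
 * Open the connection for a mailbox test. Connects to the vetted IP rather
 * than the hostname, so a DNS answer that changes between check and connect
 * (rebinding) cannot redirect the socket; the hostname is still passed as
 * peer_name so TLS certificate verification and SNI keep working.
 */
function openMailSocket(string $host, int $port, bool $tls, int $timeout = 5)
{
    if (!in_array($port, ALLOWED_MAIL_PORTS, true)) {
        throw new InvalidArgumentException('Port is not an allowed mail port.');
    }
    $ip = resolvePublicAddresses($host)[0];
    $target = strpos($ip, ':') !== false ? "[$ip]" : $ip;   // bracket IPv6 literals
    $context = stream_context_create([
        'ssl' => ['peer_name' => $host, 'verify_peer' => true, 'verify_peer_name' => true],
    ]);
    $socket = @stream_socket_client(
        ($tls ? 'ssl://' : 'tcp://') . "$target:$port",
        $errno, $errstr, $timeout, STREAM_CLIENT_CONNECT, $context
    );
    if ($socket === false) {
        // Keep the detail server-side; the UI gets a generic message so the
        // test cannot be used as an oracle for what is listening where.
        error_log("Mailbox test to $host:$port failed: [$errno] $errstr");
        throw new RuntimeException('Could not connect to the mail server.');
    }
    return $socket;
}

// Constructed input: a loopback target is refused before any socket is opened.
try {
    openMailSocket('127.0.0.1', 143, false);
} catch (InvalidArgumentException $e) {
    echo $e->getMessage(), PHP_EOL;
}
```

Two design points matter here. First, the check runs on every resolved address and the connection is made to that vetted address, not to the hostname; validating the name and then letting fsockopen() resolve it again would leave a window for the answer to change. Second, the caller only ever sees a generic failure message, while the real errno and errstr go to the server log, which is where the "information about these services might be logged and returned" half of the advisory is addressed.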

Affected Version(s)

freescout < 1.8.213

CVSS V3.1

Score: 4.1
Severity: MEDIUM
Confidentiality: Low
Integrity: None
Availability: Low
Attack Vector: Network
Attack Complexity: Low
Privileges Required: High
User Interaction: None
Scope: Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved
