Skip to main content

Swiftmailer

1 CVEs product

Monthly

CVE-2016-10074 PHP CRITICAL POC PATCH THREAT Act Now

The mail transport (aka Swift_Transport_MailTransport) in Swift Mailer before 5.4.5 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 75.5%.

Command Injection RCE Swiftmailer
NVD GitHub Exploit-DB
CVSS 3.0
9.8
EPSS
75.5%
Threat
5.7
EPSS 76% 5.7 CVSS 9.8
CRITICAL POC PATCH THREAT Act Now

The mail transport (aka Swift_Transport_MailTransport) in Swift Mailer before 5.4.5 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 75.5%.

Command Injection RCE Swiftmailer
NVD GitHub Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy