Description

The IMP is a web-based mail client for IMAP and POP3 accounts. It is built atop the Horde Application Framework, which is a general-purpose web application library written in PHP.

A vulnerability in Horde IMP could allow unauthenticated command execution via imap_open in an exposed debug page.

Remediation

The IMP debug page (accessible at http://example.com/horde/imp/test.php) should be deleted after installation.

References

Horde Imp Unauthenticated Remote Command Execution

Horde IMP

PHP imap_open() script injection

Related Vulnerabilities

WordPress Plugin Subscribe Form Remote Command Execution (1.1)

Ektron CMS unauthenticated code execution and Local File Read

XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-46731)

vBulletin 5 CONNECT remote code execution

WordPress Plugin Form Manager Remote Command Execution (1.7.2)

Severity

High

Classification

CVE-2018-19518 CWE-94 CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Tags

Code Execution