Critical flaw in PHPMailer puts millions of sites at risk

PHPMailer < 5.2.18 - Remote Code Execution CVE-2016-10033

PHPMailer is a classic email-sending library written in PHP and used by a huge number of websites; a rough guess puts it at 9 million sites. And guess what the most fun part is 😈? A newly found vulnerability in PHPMailer versions before 5.2.18.

This vulnerability affects sites running PHPMailer and allows an attacker to execute system commands and completely take control of the target's website.

=============================================
– Discovered by: Dawid Golunski
– dawid[at]legalhackers.com
– https://legalhackers.com

– CVE-2016-10045
– Release date: 27.12.2016
– Last revision: 28.12.2016
– Revision 3.0
– Severity: Critical
=============================================

Exploit: https://www.exploit-db.com/exploits/40968/

II. BACKGROUND
————————-

“PHPMailer continues to be the world’s most popular transport class, with an
estimated 9 million users worldwide. Downloads continue at a significant
pace daily.”

http://phpmailer.worxware.com/
“Probably the world’s most popular code for sending email from PHP!
Used by many open-source projects: WordPress, Drupal, 1CRM, SugarCRM, Yii,
Joomla! and many more”

https://github.com/PHPMailer/PHPMailer


More information about this vulnerability can be found in the original advisory here:

https://legalhackers.com/advisories/PHPMailer-Exploit-Remote-Code-Exec-CVE-2016-10045-Vuln-Patch-Bypass.html


How to fix this:

A fix for this issue has been released, and the best practice is to update PHPMailer on your site.
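Before updating, you need to know which PHPMailer versions are actually deployed, since copies are often bundled inside vendor directories and CMS installs rather than managed centrally. The following scanner is an added example written for this post; it is not code from the post's author or from the PHPMailer project. It walks a code tree, looks for the usual PHPMailer file names (an assumption: `class.phpmailer.php`, WordPress's `class-phpmailer.php`, and the 6.x `PHPMailer.php`), pulls the declared version out of the source, and flags anything older than 5.2.18 (the CVE-2016-10033 fix named above) or 5.2.20 (the release that closed the CVE-2016-10045 patch bypass, a detail taken from the project's release history rather than from this post). The sample tree it scans is constructed inline so the script runs offline.

```python
"""Scan a PHP code tree for bundled PHPMailer copies and flag versions that
predate the CVE-2016-10033 fix (5.2.18) and the CVE-2016-10045 fix (5.2.20).
Added example, not part of the original post or the PHPMailer project."""
import os
import re
import tempfile

# PHPMailer 5.x declares its version as a class property; 6.x uses a constant.
VERSION_PATTERNS = [
    re.compile(r"public\s+\$Version\s*=\s*[\"']([\d.]+)[\"']"),  # 5.x
    re.compile(r"const\s+VERSION\s*=\s*[\"']([\d.]+)[\"']"),     # 6.x
]
# File names under which PHPMailer is commonly shipped (assumed set).
CANDIDATE_FILES = {"class.phpmailer.php", "class-phpmailer.php", "PHPMailer.php"}

FIX_10033 = (5, 2, 18)  # first release fixing CVE-2016-10033
FIX_10045 = (5, 2, 20)  # first release fixing the CVE-2016-10045 bypass


def parse_version(version):
    """'5.2.14' -> (5, 2, 14) so versions compare numerically, not as strings."""
    return tuple(int(part) for part in version.split("."))


def extract_version(source):
    """Return the version string declared in a PHPMailer source file, or None."""
    for pattern in VERSION_PATTERNS:
        match = pattern.search(source)
        if match:
            return match.group(1)
    return None


def assess(version):
    """Classify a version against the two fix thresholds."""
    parsed = parse_version(version)
    if parsed < FIX_10033:
        return "VULNERABLE: CVE-2016-10033 and CVE-2016-10045"
    if parsed < FIX_10045:
        return "VULNERABLE: CVE-2016-10045 (patch bypass)"
    return "ok"


def scan_tree(root):
    """Walk a directory tree and return (relative path, version, verdict) tuples."""
    findings = []
    for dirpath, _, files in os.walk(root):
        for name in files:
            if name not in CANDIDATE_FILES:
                continue
            path = os.path.join(dirpath, name)
            with open(path, encoding="utf-8", errors="replace") as fh:
                version = extract_version(fh.read())
            if version is None:
                continue  # file name matched but no version declaration found
            rel = os.path.relpath(path, root).replace(os.sep, "/")
            findings.append((rel, version, assess(version)))
    findings.sort()
    return findings


def demo():
    """Build a constructed sample web root (not a real site) and scan it."""
    samples = {
        "vendor/phpmailer/phpmailer/class.phpmailer.php":
            "<?php\nclass PHPMailer {\n    public $Version = '5.2.14';\n}\n",
        "wp-includes/class-phpmailer.php":
            "<?php\nclass PHPMailer {\n    public $Version = '5.2.19';\n}\n",
        "lib/PHPMailer/src/PHPMailer.php":
            "<?php\nnamespace PHPMailer\\PHPMailer;\nclass PHPMailer {\n"
            "    const VERSION = '6.0.7';\n}\n",
        "README.md": "not a PHPMailer file\n",
    }
    with tempfile.TemporaryDirectory() as root:
        for rel, content in samples.items():
            path = os.path.join(root, rel)
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "w", encoding="utf-8") as fh:
                fh.write(content)
        return scan_tree(root)


if __name__ == "__main__":
    for rel, version, verdict in demo():
        print(f"{rel}: {version} -> {verdict}")
```

Point `scan_tree()` at a real web root to get the same report for a live install; any line marked VULNERABLE is a copy that needs to be upgraded or removed, and a file that matches by name but yields no version is worth inspecting by hand.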