0NYX-MY7H

3 exploits Active since Apr 2025
CVE-2025-43920 NOMISEC MEDIUM WRITEUP
GNU Mailman 2.1.1-2.1.38 - Unauthenticated OS Command Injection via Email Subject Line
GNU Mailman 2.1.39, as bundled in cPanel (and WHM), in certain external archiver configurations, allows unauthenticated attackers to execute arbitrary OS commands via shell metacharacters in an email Subject line. NOTE: multiple third parties report that they are unable to reproduce this, regardless of whether cPanel or WHM is used.
1 stars
CVSS 5.4
CVE-2025-43919 NOMISEC MEDIUM WRITEUP
GNU Mailman 2.1.1-2.1.38 - Unauthenticated Path Traversal via Username Parameter
GNU Mailman 2.1.39, as bundled in cPanel (and WHM), allows unauthenticated attackers to read arbitrary files via ../ directory traversal at /mailman/private/mailman (aka the private archive authentication endpoint) via the username parameter. NOTE: multiple third parties report that they are unable to reproduce this, regardless of whether cPanel or WHM is used.
CVSS 5.8
CVE-2025-43921 NOMISEC MEDIUM WRITEUP
GNU Mailman 2.1.1-2.1.38 - Unauthenticated List Creation via /mailman/create Endpoint
GNU Mailman 2.1.39, as bundled in cPanel (and WHM), allows unauthenticated attackers to create lists via the /mailman/create endpoint. NOTE: multiple third parties report that they are unable to reproduce this, regardless of whether cPanel or WHM is used.
CVSS 5.3