CVE-1999-0173

FormMail - Server-Side Request Forgery

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-1999-0173. PoCs published by anonymous.

AI-analyzed exploit summary This exploit leverages CVE-1999-0173 to abuse a remote FormMail script by injecting a command into the 'recipient' field, which executes arbitrary commands on the target system. The PoC demonstrates how an attacker can exfiltrate sensitive data (e.g., /etc/passwd) via email.

Description

FormMail CGI program can be used by web servers other than the host server that the program resides on.

Exploits (1)

exploitdb WORKING POC VERIFIED

by anonymous · htmlremoteunix

https://www.exploit-db.com/exploits/20486

View Code ZIP pw:eip

This exploit leverages CVE-1999-0173 to abuse a remote FormMail script by injecting a command into the 'recipient' field, which executes arbitrary commands on the target system. The PoC demonstrates how an attacker can exfiltrate sensitive data (e.g., /etc/passwd) via email.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Matt Wright FormMail.pl (versions prior to fixes)

No auth needed

Prerequisites: Target server with vulnerable FormMail.pl script accessible · Outbound email connectivity from the target server

MITRE ATT&CK

T1189 - Drive-by Compromise T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Third Party Advisory, VDB Entry x_refsource_misc

https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0173

Scores

EPSS 0.0483

EPSS Percentile 90.8%

Details

Status published

Products (1)

matt_wright/formmail

Published Jan 01, 1997

Tracked Since Feb 18, 2026