CVE-2008-7012
Accellion Secure File Transfer Appliance < 7_0_178 - Spam Email Injection via Error Reporting Page
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2008-7012. PoCs published by Eric Beaulieu.
AI-analyzed exploit summary This exploit demonstrates an open-email-relay vulnerability in Accellion File Transfer Appliance. It allows an attacker to send spam emails to arbitrary addresses by forging the sender and manipulating the API endpoint.
Description
courier/1000@/api_error_email.html (aka "error reporting page") in Accellion File Transfer Appliance FTA_7_0_178, and possibly other versions before FTA_7_0_189, allows remote attackers to send spam e-mail via modified description and client_email parameters.
Exploits (1)
This exploit demonstrates an open-email-relay vulnerability in Accellion File Transfer Appliance. It allows an attacker to send spam emails to arbitrary addresses by forging the sender and manipulating the API endpoint.