CVE-2013-6829

Pineapp Mail-secure - Code Injection

Title source: rule

Description

admin/confnetworking.html in PineApp Mail-SeCure allows remote attackers to execute arbitrary commands via shell metacharacters in the pinghost parameter during a ping operation.

Exploits (2)

exploitdb WORKING POC

remotelinux

https://www.exploit-db.com/exploits/29734

View Code ZIP pw:eip

metasploit WORKING POC EXCELLENT

by Dave Weinstein, juan vazquez · rubypoc

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/pineapp_test_li_conn_exec.rb

View Code ZIP pw:eip

References (1)

[Third Party Advisory] http://archives.neohapsis.com/archives/fulldisclosure/2013-11/0133.html

Scores

EPSS 0.7191

EPSS Percentile 98.7%

Details

CWE

CWE-94

Status published

Products (1)

pineapp/mail-secure

Published Nov 20, 2013

Tracked Since Feb 18, 2026