CVE-2013-6831
PineApp Mail-SeCure 3.70 and earlier on 5099SK - Privilege Escalation via Sudoers Misconfiguration
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2013-6831. PoCs published by Ruben Garrote García.
AI-analyzed exploit summary The exploit demonstrates a command injection vulnerability in MailSecure's admin interface, allowing unauthenticated remote code execution via crafted HTTP requests. It also details privilege escalation to root via weak sudoers configuration.
Description
PineApp Mail-SeCure 3.70 and earlier on 5099SK and earlier platforms has a sudoers file that does not properly restrict user specifications, which allows local users to gain privileges via a sudo command that leverages access to the qmailq account.
Exploits (1)
The exploit demonstrates a command injection vulnerability in MailSecure's admin interface, allowing unauthenticated remote code execution via crafted HTTP requests. It also details privilege escalation to root via weak sudoers configuration.