Description
PineApp Mail-SeCure 3.70 and earlier on 5099SK and earlier platforms has a sudoers file that does not properly restrict user specifications, which allows local users to gain privileges via a sudo command that leverages access to the qmailq account.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Ruben Garrote García · textremotelinux
https://www.exploit-db.com/exploits/29734
References (1)
Core 1
Core References
Exploit mailing-list
x_refsource_fulldisc
http://archives.neohapsis.com/archives/fulldisclosure/2013-11/0139.html
Scores
EPSS
0.0062
EPSS Percentile
70.3%
Details
CWE
CWE-264
Status
published
Products (1)
pineapp/mail-secure_5099sk
< -
Published
Nov 20, 2013
Tracked Since
Feb 18, 2026