CVE-2016-1142

CRITICAL

Seeds acmailer <3.8.21, <3.9.15 - Command Injection

Title source: llm
STIX 2.1

Description

Seeds acmailer before 3.8.21 and 3.9.x before 3.9.15 Beta allows remote authenticated users to execute arbitrary OS commands via unspecified vectors.

References (3)

Core 3
Core References
Vendor Advisory x_refsource_confirm
http://www.acmailer.jp/info/de.cgi?id=64
Vendor Advisory third-party-advisory x_refsource_jvndb
http://jvndb.jvn.jp/jvndb/JVNDB-2016-000002
Vendor Advisory third-party-advisory x_refsource_jvn
http://jvn.jp/en/jp/JVN50899877/index.html

Scores

CVSS v3 9.1
EPSS 0.0241
EPSS Percentile 82.1%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Details

CWE
CWE-78
Status published
Products (15)
seeds/acmailer 3.9.0 beta
seeds/acmailer 3.9.1 beta
seeds/acmailer 3.9.2 beta
seeds/acmailer 3.9.3 beta
seeds/acmailer 3.9.4 beta
seeds/acmailer 3.9.5 beta
seeds/acmailer 3.9.6 beta
seeds/acmailer 3.9.7 beta
seeds/acmailer 3.9.8 beta
seeds/acmailer 3.9.9 beta
... and 5 more
Published Jan 16, 2016
Tracked Since Feb 18, 2026