CVE-2018-20323

HIGH

MailCleaner Community Edition 2018.08 - Remote Code Execution via Logs.php

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-20323. PoCs published by Mehmet Ince, including Metasploit module exploits/linux/http/mailcleaner_exec.

AI-analyzed exploit summary: This Metasploit module exploits a command injection vulnerability in MailCleaner Community Edition via the `/admin/managetracing/search/search` endpoint, allowing authenticated users to execute arbitrary commands as root.

Description

www/soap/application/MCSoap/Logs.php in MailCleaner Community Edition 2018.08 allows remote attackers to execute arbitrary OS commands.

Exploits (1)

metasploit · WORKING POC · EXCELLENT
by Mehmet Ince · ruby · poc · python
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/mailcleaner_exec.rb

Classification: Working Poc 100%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: MailCleaner Community Edition
Auth required
Prerequisites: Valid credentials for MailCleaner admin panel · Network access to the target
devstral-2 · analyzed Feb 16, 2026

References (2)

Core References
Exploit, Third Party Advisory, VDB Entry x_refsource_misc
http://packetstormsecurity.com/files/151056/Mailcleaner-Remote-Code-Execution.html

Scores

CVSS v3: 8.8
EPSS: 0.5512
EPSS Percentile: 98.9%
Attack Vector: NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE: CWE-78
Status: published
Products (1): mailcleaner/mailcleaner 2018.08
Published: Mar 21, 2019
Tracked Since: Feb 18, 2026