CVE-2020-11546

CRITICAL EXPLOITED NUCLEI

SuperWebMailer < 7.40.0.01550 - Unauthenticated Remote Code Execution via Language Parameter


Exploitation Summary

CVE-2020-11546 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 2 public exploits from researchers including damit5 and Official-BlackHat13. A Nuclei detection template is also available.

AI-analyzed exploit summary: This is a Go-based exploit for CVE-2020-11546, targeting a command injection vulnerability in SuperWebMailer. It automates the exploitation process by sending a crafted POST request to execute arbitrary commands via the 'Language' parameter.

Description

SuperWebMailer 7.21.0.01526 is susceptible to a remote code execution vulnerability in the Language parameter of mailingupgrade.php. An unauthenticated remote attacker can exploit this behavior to execute arbitrary PHP code via Code Injection.

Exploits (2)

nomisec · WORKING POC · 1 star
by damit5 · remote-auth
https://github.com/damit5/CVE-2020-11546

This is a Go-based exploit for CVE-2020-11546, targeting a command injection vulnerability in SuperWebMailer. It automates the exploitation process by sending a crafted POST request to execute arbitrary commands via the 'Language' parameter.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: SuperWebMailer (version not specified)
No auth needed
Prerequisites: Network access to the target · Vulnerable SuperWebMailer instance
devstral-2 · analyzed Feb 16, 2026

nomisec · WORKING POC · 1 star
by Official-BlackHat13 · remote-auth
https://github.com/Official-BlackHat13/CVE-2020-11546

This is a functional exploit for CVE-2020-11546, a remote code execution vulnerability in SuperWebMailer. It leverages command injection via the `Language` parameter in a POST request to `mailingupgrade.php`.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: SuperWebMailer (version not specified)
No auth needed
Prerequisites: Network access to the target application
devstral-2 · analyzed Feb 16, 2026

Nuclei Templates (1)

SuperWebmailer 7.21.0.01526 - Remote Code Execution
CRITICAL · by Official_BlackHat13
Shodan: title:"SuperWebMailer" || http.title:"superwebmailer"
FOFA: title="superwebmailer"

References (1)

Core References
Exploit, Third Party Advisory x_refsource_misc
https://blog.to.com/advisory-superwebmailer-cve-2020-11546/

Scores

CVSS v3: 9.8
EPSS: 0.3173
EPSS Percentile: 98.1%
Attack Vector: NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

VulnCheck KEV: 2023-11-22
CWE: CWE-94
Status: published
Products (1): superwebmailer/superwebmailer < 7.40.0.01550
Published: Jul 14, 2020
Tracked Since: Feb 18, 2026