CVE-2020-12641

CRITICAL KEV NUCLEI

Roundcube Webmail <1.4.4 - RCE

Title source: llm

Description

rcube_image.php in Roundcube Webmail before 1.4.4 allows attackers to execute arbitrary code via shell metacharacters in a configuration setting for im_convert_path or im_identify_path.

Exploits (2)

nomisec WRITEUP

by mbadanoiu · poc

https://github.com/mbadanoiu/CVE-2020-12641

View Code ZIP pw:eip

nomisec WRITEUP

by mbadanoiu · poc

https://github.com/mbadanoiu/MAL-004

View Code ZIP pw:eip

Nuclei Templates (1)

Roundcube Webmail - Command Injection

CRITICALVERIFIEDby domwhewell-sage

Shodan: http.component:"roundcube" || cpe:"cpe:2.3:a:roundcube:webmail"

References (8)

[Mailing List, Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00083.html

[Exploit, Third Party Advisory] https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2020-12641-Command%20Injection-Roundcube

[Patch] https://github.com/roundcube/roundcubemail/commit/fcfb099477f353373c34c8a65c9035b06b364db3

[Release Notes] https://github.com/roundcube/roundcubemail/compare/1.4.3...1.4.4

[Release Notes] https://github.com/roundcube/roundcubemail/releases/tag/1.4.4

[Release Notes, Vendor Advisory] https://roundcube.net/news/2020/04/29/security-updates-1.4.4-1.3.11-and-1.2.10

[Third Party Advisory] https://security.gentoo.org/glsa/202007-41

[US Government Resource] https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-12641

Scores

CVSS v3 9.8

EPSS 0.9313

EPSS Percentile 99.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitation Intel

CISA KEV 2023-06-22

VulnCheck KEV 2023-06-20

InTheWild.io 2023-06-22

ENISA EUVD EUVD-2020-4942

Classification

CWE

CWE-78

Status published

Affected Products (5)

roundcube/webmail < 1.2.10

opensuse/backports_sle

opensuse/leap

Timeline

Published May 04, 2020

KEV Added Jun 22, 2023

Tracked Since Feb 18, 2026