CVE-2021-4466

HIGH

IPCop <= 2.1.9 - Authenticated Remote Code Execution via Email Configuration

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2021-4466. PoCs published by Mücahit Saratar.

AI-analyzed exploit summary This exploit leverages command injection in IPCop 2.1.9's email.cgi by embedding a command in the EMAIL_PW parameter, which is executed when a test email is sent. It requires authentication and sends two POST requests: one to save settings and another to trigger the command execution.

Description

IPCop versions up to and including 2.1.9 contain an authenticated remote code execution vulnerability within the web-based administration interface. The email configuration component inserts user-controlled values, including the EMAIL_PW parameter, directly into system-level operations without proper input sanitation. By modifying the email password field to include shell metacharacters and issuing a save-and-test-mail action, an authenticated attacker can execute arbitrary operating system commands with the privileges of the web interface, resulting in full system compromise.

Exploits (1)

exploitdb WORKING POC

by Mücahit Saratar · pythonwebappscgi

https://www.exploit-db.com/exploits/50183

View Code ZIP pw:eip

This exploit leverages command injection in IPCop 2.1.9's email.cgi by embedding a command in the EMAIL_PW parameter, which is executed when a test email is sent. It requires authentication and sends two POST requests: one to save settings and another to trigger the command execution.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: IPCop 2.1.9

Auth required

Prerequisites: Valid credentials for IPCop web interface · Network access to the target

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (4)

Core 4

Core References

Various Sources product

https://www.ipcop.org/

Product product

https://sourceforge.net/projects/ipcop/

Third Party Advisory third-party-advisory

https://www.vulncheck.com/advisories/ipcop-authenticated-rce

Exploit, Third Party Advisory exploit

https://www.exploit-db.com/exploits/50183

Scores

CVSS v4 8.7

EPSS 0.0047

EPSS Percentile 37.1%

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact total

Details

CWE

CWE-78

Status published

Products (1)

IPCop Project/IPCop < 2.1.9

Published Nov 14, 2025

Tracked Since Feb 18, 2026