Attacker Value
Very Low
(1 user assessed)
Exploitability
Very Low
(1 user assessed)
User Interaction
None
Privileges Required
None
Attack Vector
Network
0

CVE-2020-14933

Disclosure Date: June 20, 2020
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

compose.php in SquirrelMail 1.4.22 calls unserialize for the $attachments value, which originates from an HTTP POST request.

Add Assessment

2
Ratings
  • Attacker Value
    Very Low
  • Exploitability
    Very Low
Technical Analysis

tldr

The use of unserialize in PHP that accepts user data. There is no sequence of code that can be exploited to gain code execution using this method.

Outline

Passing user-controlled data to unserialize in PHP is always a bad idea. However, in order to be exploitable there needs to be additional code that will process the data through the use of Magic Methods. There do not appear to be any dangerous methods that take this data in the current version of the PHP script.

If the base PHP version that is running this application also happens to be a version of PHP vulnerable to https://www.cvedetails.com/cve/CVE-2017-5340/ Then there is an increased possibility of gaining code execution using this methodology.

Patch

At the time of release, there is no official patch although third party patches have been made available here

General Information

Additional Info

Technical Analysis