阿里云漏洞库

该漏洞EXP已公开传播，漏洞利用成本极低，建议您立即关注并修复。

漏洞描述

This is a reintroduction of an earlier issue (CVE-2018-19296) by an unrelated bug fix in PHPMailer 6.1.8. An external file may be unexpectedly executable if it is used as a path to an attachment file via PHP's support for .phar files`. Exploitation requires that an attacker is able to provide an unfiltered path to a file to attach, or to trick calling code into generating one. See this article for more info.

解决建议

建议您更新当前系统或软件至最新版，完成漏洞的修复。

参考链接
https://github.com/PHPMailer/PHPMailer/commit/e2e07a355ee8ff36aba21d0242c5950...
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedora...
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedora...

受影响软件情况

1
#	类型	厂商	产品	版本	影响面
	运行在以下环境
	应用	phpmailer_project	phpmailer	*	From (including) 6.1.8	Up to (including) 6.4.0
	运行在以下环境
	应用	wordpress	wordpress	*	From (including) 3.7	Up to (excluding) 3.7.36
	运行在以下环境
	应用	wordpress	wordpress	*	From (including) 3.8	Up to (excluding) 3.8.36
	运行在以下环境
	应用	wordpress	wordpress	*	From (including) 3.9	Up to (excluding) 3.9.34
	运行在以下环境
	应用	wordpress	wordpress	*	From (including) 4.0	Up to (excluding) 4.0.33
	运行在以下环境
	应用	wordpress	wordpress	*	From (including) 4.1	Up to (excluding) 4.1.33
	运行在以下环境
	应用	wordpress	wordpress	*	From (including) 4.2	Up to (excluding) 4.2.30
	运行在以下环境
	应用	wordpress	wordpress	*	From (including) 4.3	Up to (excluding) 4.3.26
	运行在以下环境
	应用	wordpress	wordpress	*	From (including) 4.4	Up to (excluding) 4.4.25
	运行在以下环境
	应用	wordpress	wordpress	*	From (including) 4.5	Up to (excluding) 4.5.24
	运行在以下环境
	应用	wordpress	wordpress	*	From (including) 4.6	Up to (excluding) 4.6.21
	运行在以下环境
	应用	wordpress	wordpress	*	From (including) 4.7	Up to (excluding) 4.7.21
	运行在以下环境
	应用	wordpress	wordpress	*	From (including) 4.8	Up to (excluding) 4.8.17
	运行在以下环境
	应用	wordpress	wordpress	*	From (including) 4.9	Up to (excluding) 4.9.18
	运行在以下环境
	应用	wordpress	wordpress	*	From (including) 5.0	Up to (excluding) 5.0.13
	运行在以下环境
	应用	wordpress	wordpress	*	From (including) 5.1	Up to (excluding) 5.1.10
	运行在以下环境
	应用	wordpress	wordpress	*	From (including) 5.2	Up to (excluding) 5.2.11
	运行在以下环境
	应用	wordpress	wordpress	*	From (including) 5.3	Up to (excluding) 5.3.8
	运行在以下环境
	应用	wordpress	wordpress	*	From (including) 5.4	Up to (excluding) 5.4.6
	运行在以下环境
	应用	wordpress	wordpress	*	From (including) 5.5	Up to (excluding) 5.5.5
	运行在以下环境
	应用	wordpress	wordpress	*	From (including) 5.6	Up to (excluding) 5.6.4
	运行在以下环境
	应用	wordpress	wordpress	*	From (including) 5.7	Up to (excluding) 5.7.2
	运行在以下环境
	系统	debian_10	libphp-phpmailer	*		Up to (excluding) 6.0.6-0.1
	运行在以下环境
	系统	debian_11	libphp-phpmailer	*		Up to (excluding) 6.2.0-2
	运行在以下环境
	系统	debian_12	libphp-phpmailer	*		Up to (excluding) 6.2.0-2
	运行在以下环境
	系统	fedora_33	php-phpmailer6	*		Up to (excluding) 6.4.1-1.fc33
	运行在以下环境
	系统	fedora_34	php-phpmailer6	*		Up to (excluding) 6.4.1-1.fc34

攻击路径

本地
攻击复杂度

复杂
权限要求

普通权限
影响范围

全局影响
EXP成熟度

EXP 已公开
补丁情况

官方补丁
数据保密性

数据泄露
数据完整性

无影响
服务器危害

无影响
全网数量

N/A

CWE-ID	漏洞类型
CWE-502	可信数据的反序列化
CWE-641	文件和其他资源名称限制不恰当

中危 phpmailer_project phpmailer 可信数据的反序列化

漏洞描述

解决建议

参考链接

受影响软件情况