Vulnerability CVE-2022-31245


Published: 2022-05-20

Description:
mailcow before 2022-05d allows a remote authenticated user to inject OS commands and escalate privileges to domain admin via the --debug option in conjunction with the ---PIPEMESS option in Sync Jobs.

 References:
https://github.com/ly1g3/Mailcow-CVE-2022-31245
https://github.com/mailcow/mailcow-dockerized/releases/tag/2022-05d

Copyright 2026, cxsecurity.com

 

Back to Top