Medium severity6.7NVD Advisory· Published Apr 29, 2024· Updated Jun 17, 2026
CVE-2024-3196
CVE-2024-3196
Description
A vulnerability was found in MailCleaner up to 2023.03.14. It has been declared as critical. This vulnerability affects the function getStats/Services_silentDump/Services_stopStartMTA/Config_saveDateTime/Config_hostid/Logs_StartGetStat/dumpConfiguration of the component SOAP Service. The manipulation leads to os command injection. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-262312.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: <=2023.03.14
Patches
Vulnerability mechanics
References
5- modzero.com/static/MZ-24-01_modzero_MailCleaner.pdfnvdExploitThird Party Advisory
- modzero.com/en/advisories/mz-24-01-mailcleaner/nvdThird Party Advisory
- vuldb.comnvdThird Party AdvisoryVDB Entry
- github.com/MailCleaner/MailCleaner/pull/601nvdIssue Tracking
- vuldb.comnvdPermissions RequiredVDB Entry
News mentions
0No linked articles in our index yet.