CVE-2020-36326

Published Apr 28, 2021

Last updated a year ago

CVSS critical 9.8

Overview

Description: PHPMailer 6.1.8 through 6.4.0 allows object injection through Phar Deserialization via addAttachment with a UNC pathname. NOTE: this is similar to CVE-2018-19296, but arose because 6.1.8 fixed a functionality problem in which UNC pathnames were always considered unreadable by PHPMailer, even in safe contexts. As an unintended side effect, this fix eliminated the code that blocked addAttachment exploitation.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 3.1

Type: Primary
Base score: 9.8
Impact score: 5.9
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: CRITICAL

CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 6.4
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-502

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:phpmailer_project:phpmailer:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5E408867-E88B-4359-A288-4EFB791D0078",
            "versionEndIncluding": "6.4.0",
            "versionStartIncluding": "6.1.8"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D7107F37-08EA-4338-8C02-72AF08A65160",
            "versionEndExcluding": "3.7.36",
            "versionStartIncluding": "3.7"
          },
          {
            "criteria": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6AC1DE0D-A45C-481F-BB86-90B0EE362DF2",
            "versionEndExcluding": "3.8.36",
            "versionStartIncluding": "3.8"
          },
          {
            "criteria": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D868EAD0-A15B-4DA6-8083-DF59B0F76F3D",
            "versionEndExcluding": "3.9.34",
            "versionStartIncluding": "3.9"
          },
          {
            "criteria": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "16565DA9-2069-4E4C-93B6-1A770D4FAFF0",
            "versionEndExcluding": "4.0.33",
            "versionStartIncluding": "4.0"
          },
          {
            "criteria": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "838ACC2C-7BFB-4F33-9C09-3169C71E058F",
            "versionEndExcluding": "4.1.33",
            "versionStartIncluding": "4.1"
          },
          {
            "criteria": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9491276F-8D9B-451A-B127-7633C958B269",
            "versionEndExcluding": "4.2.30",
            "versionStartIncluding": "4.2"
          },
          {
            "criteria": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3A9E7881-CF97-47B9-A2D9-9C3FE15CC539",
            "versionEndExcluding": "4.3.26",
            "versionStartIncluding": "4.3"
          },
          {
            "criteria": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "786BB974-B009-479F-9729-D03C0A8BA7BD",
            "versionEndExcluding": "4.4.25",
            "versionStartIncluding": "4.4"
          },
          {
            "criteria": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2BF5B2B8-242D-4370-8CB7-30B063A39CC2",
            "versionEndExcluding": "4.5.24",
            "versionStartIncluding": "4.5"
          },
          {
            "criteria": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "75662A23-D9BB-4986-A2C1-4CD0D5D8C4CD",
            "versionEndExcluding": "4.6.21",
            "versionStartIncluding": "4.6"
          },
          {
            "criteria": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "484017D5-2002-4701-91D2-13CB63BD5D2B",
            "versionEndExcluding": "4.7.21",
            "versionStartIncluding": "4.7"
          },
          {
            "criteria": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FB2A8F54-BA4C-433F-A50B-EFB430810D94",
            "versionEndExcluding": "4.8.17",
            "versionStartIncluding": "4.8"
          },
          {
            "criteria": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CABB1071-DA21-4334-B1EC-64A1F144F563",
            "versionEndExcluding": "4.9.18",
            "versionStartIncluding": "4.9"
          },
          {
            "criteria": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3409E74E-8229-47D3-BC4D-F9B59EEC26CB",
            "versionEndExcluding": "5.0.13",
            "versionStartIncluding": "5.0"
          },
          {
            "criteria": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B41B2EA6-0370-4DE9-B756-21DE60DADE59",
            "versionEndExcluding": "5.1.10",
            "versionStartIncluding": "5.1"
          },
          {
            "criteria": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "927FCECA-558B-4BFF-8FEF-D9DAA0E99567",
            "versionEndExcluding": "5.2.11",
            "versionStartIncluding": "5.2"
          },
          {
            "criteria": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "15E187EB-396C-4BEA-AD0C-B2042A2BCEC8",
            "versionEndExcluding": "5.3.8",
            "versionStartIncluding": "5.3"
          },
          {
            "criteria": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C7B4B6D8-7B29-4ABF-B028-5F31AFF908FF",
            "versionEndExcluding": "5.4.6",
            "versionStartIncluding": "5.4"
          },
          {
            "criteria": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F76762A1-14B1-410A-B2DF-1EFCEFA7FD8A",
            "versionEndExcluding": "5.5.5",
            "versionStartIncluding": "5.5"
          },
          {
            "criteria": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B8327B3F-394E-4EE4-B197-1325181C2654",
            "versionEndExcluding": "5.6.4",
            "versionStartIncluding": "5.6"
          },
          {
            "criteria": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2988ED95-7821-4396-9D51-D80054FE57F5",
            "versionEndExcluding": "5.7.2",
            "versionStartIncluding": "5.7"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References