Unknown · Stalwart Mail Server · CVE-2024-35187
**Name of the Vulnerable Software and Affected Versions**
Stalwart Mail Server versions prior to 0.8.0
**Description**
Stalwart Mail Server is an open-source mail server. In affected versions, an attacker who has achieved arbitrary code execution as the stalwart-mail user (this includes administrators of the web interface) can gain complete root access to the system. Although the service runs as a separate user, it is able to regain full privileges, so the usual protection afforded by running a service under a dedicated unprivileged account is ineffective. Two groups are exposed: server administrators who handed out admin credentials to the mail server without intending to grant complete root access, and deployments attacked through another vulnerability that leads to arbitrary code execution.
**Recommendations**
For versions prior to 0.8.0, update to version 0.8.0 or later to patch the issue. As a temporary workaround, consider restricting access to the mail server and its admin credentials to minimize the risk of exploitation. Ensure that system services are properly isolated to prevent the escalation of privileges in case of a successful attack.
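The advisory does not say by which mechanism stalwart-mail can regain root, so the following is an added audit helper (not Stalwart's code) for the last recommendation above: given a Linux `/proc/<pid>/status` file for the running service, it reports whether the privilege drop looks irrevocable, checking the two generic ways a non-root process can get root back (a uid slot left at 0, or a root-equivalent effective capability). The script name and the sample status files are assumptions.

```sh
#!/bin/sh
# Added audit helper, not part of Stalwart. Reads the Linux /proc/<pid>/status
# format and reports whether the process could still get root back.

# CapEff bits that let a process become uid 0 or bypass the uid boundary:
# CAP_DAC_OVERRIDE=1 CAP_SETGID=6 CAP_SETUID=7 CAP_SYS_MODULE=16
# CAP_SYS_PTRACE=19 CAP_SYS_ADMIN=21
ROOT_EQUIV_CAPS=$(( (1<<1) | (1<<6) | (1<<7) | (1<<16) | (1<<19) | (1<<21) ))

# assess_status FILE
#   prints "ok" and returns 0 when the drop looks irrevocable,
#   prints "can-regain-root: <why>" and returns 1 otherwise.
assess_status() {
    file=$1
    # "Uid:" holds real, effective, saved and filesystem uid, tab separated
    set -- $(grep '^Uid:' "$file" | cut -f2-)
    ruid=${1:-?}; euid=${2:-?}; suid=${3:-?}; fsuid=${4:-?}
    capeff=$(grep '^CapEff:' "$file" | cut -f2)
    capeff=${capeff:-0}
    nnp=$(grep '^NoNewPrivs:' "$file" | cut -f2)

    if [ "$ruid" = 0 ] || [ "$euid" = 0 ] || [ "$suid" = 0 ] || [ "$fsuid" = 0 ]; then
        echo "can-regain-root: uid slots $ruid/$euid/$suid/$fsuid still hold 0, so root is one setresuid() call away (or still held for file access)"
        return 1
    fi
    if [ $(( 0x$capeff & ROOT_EQUIV_CAPS )) -ne 0 ]; then
        echo "can-regain-root: CapEff 0x$capeff keeps a root-equivalent capability"
        return 1
    fi
    if [ "${nnp:-0}" = 0 ]; then
        # Not a regain path by itself, but a setuid-root binary could still be exec'd
        echo "ok (note: NoNewPrivs is unset; consider NoNewPrivileges=yes in the service unit)"
    else
        echo "ok"
    fi
    return 0
}

# Usage (assumed script name): ./audit-privdrop.sh <pid of the running mail server>
case "${1:-}" in
    "") ;;
    *) assess_status "/proc/$1/status" ;;
esac
```

Run it against the service's pid after deploying the fixed version or the isolation changes to confirm the account boundary actually holds.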