PT-2020-13179 · Roundcube+4 · Roundcube Webmail+4

Mal

Published: 2019-10-03 · Updated: 2025-06-23 · CVE-2020-12640

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Roundcube Webmail versions prior to 1.4.4

Description

The issue allows attackers to include local files and execute code via directory traversal in a plugin name to "rcube_plugin_api.php". This can be exploited by providing a malicious plugin name, potentially leading to code execution.

Recommendations

For versions prior to 1.4.4, update to version 1.4.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the "rcube_plugin_api.php" endpoint to minimize the risk of exploitation.

Exploit

Fix

Weakness Enumeration

Path traversal

Related Identifiers

ALT-PU-2019-2818
ALT-PU-2019-2946
ALT-PU-2019-3109
ALT-PU-2020-1898
ALT-PU-2020-2097
ALT-PU-2020-2319
ALT-PU-2020-2367
ALT-PU-2020-2518
ALT-PU-2020-2554
ALT-PU-2020-3561
ALT-PU-2020-3566
ALT-PU-2021-3558
ALT-PU-2022-1073
ALT-PU-2025-1825
ALT-PU-2025-8283
BIT-ROUNDCUBE-2020-12640
CVE-2020-12640
OPENSUSE-SU-2020:1516-1
OPENSUSE-SU-2020_1516-1
USN-5182-1

Affected Products

Alt Linux
Linuxmint
Roundcube Webmail
Suse
Ubuntu