CVE-2021-37708

Name of the Vulnerable Software and Affected Versions Shopware versions prior to 6.4.3.1

Description The issue is related to a command injection vulnerability in mail agent settings. This vulnerability affects Shopware, an open source eCommerce platform. There is no information provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited.

Recommendations For versions prior to 6.4.3.1, update to version 6.4.3.1 to resolve the issue. For older versions of 6.1, 6.2, and 6.3, install the corresponding security plugin as a workaround.