PT-2024-10824 · Cloudlinux · Cloudlinux Cagefs

David Lisa Gnedt · Published 2024-01-22 · Updated 2024-03-28 · CVE-2020-36772

CVSS v3.1: 4.4 (Medium)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions

CloudLinux CageFS versions 7.0.8-2 and below

Description

The issue allows local users to read and write arbitrary files of certain file formats outside the CageFS environment due to insufficient restrictions on file paths supplied to the sendmail proxy command.

Recommendations

For CloudLinux CageFS versions 7.0.8-2 and below, consider restricting access to the sendmail proxy command as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Related Identifiers

CVE-2020-36772

Affected Products

Cloudlinux Cagefs