CVE-2024-30270

Name of the Vulnerable Software and Affected Versions: mailcow:dockerized versions prior to 2024-04

Description: The issue is related to the rspamd maps() function and involves improper path validation, allowing for path traversal and arbitrary code execution. This can enable an authenticated admin user to overwrite any file writable by the www-data user, potentially leading to the execution of arbitrary commands on the server.

Recommendations: For versions prior to 2024-04, update to version 2024-04 or later, which contains a patch for the issue. As a temporary workaround, consider restricting access to the rspamd maps() function to minimize the risk of exploitation. Additionally, ensure that proper access controls and permissions are in place for the www-data user to prevent unauthorized file overwrites.