CVE-2024-32399
published 2024-04-22CVE-2024-32399: Directory Traversal vulnerability in RaidenMAILD Mail Server v.4.9.4 and before allows a remote attacker to obtain sensitive information via the /webeditor/…
PriorityP350high7.6CVSS 3.1
AVNACLPRLUIRSUCHIHAL
EXPLOIT
EPSS
3.16%
86.4th percentile
Directory Traversal vulnerability in RaidenMAILD Mail Server v.4.9.4 and before allows a remote attacker to obtain sensitive information via the /webeditor/ component.
Detection & IOCsextracted from sources · hover to see the quote
- →Look for directory traversal sequences (e.g., '../../../') in HTTP GET requests targeting the /webeditor/ path on RaidenMAILD servers. ↗
- →Shodan query 'html:"RaidenMAILD"' can be used to identify exposed RaidenMAILD instances potentially vulnerable to this CVE. ↗
- ·The traversal payload targets Windows systems specifically (win.ini). The vulnerability may behave differently or require a different payload on non-Windows deployments. ↗
- ·Exploitation requires an authenticated low-privileged user with user interaction (PR:L, UI:R per CVSS), meaning unauthenticated scanning may not trigger the vulnerability. ↗
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Nuclei
RaidenMAILD Mail Server v.4.9.4 - Path Traversal
nuclei·CVSS 7.6
CVE-2024-32399 [HIGH] RaidenMAILD Mail Server v.4.9.4 - Path Traversal
RaidenMAILD Mail Server v.4.9.4 - Path Traversal
Directory Traversal vulnerability in RaidenMAILD Mail Server v.4.9.4 and before allows a remote attacker to obtain sensitive information via the /webeditor/ component.
Template:
id: CVE-2024-32399
info:
name: RaidenMAILD Mail Server v.4.9.4 - Path Traversal
author: DhiyaneshDK
severity: high
description: |
Directory Traversal vulnerability in RaidenMAILD Mail Server v.4.9.4 and before allows a remote attacker to obtain sensitive information via the /webeditor/ component.
impact: |
Attackers can traverse directories to obtain sensitive information from the mail server.
remediation: |
Update RaidenMAILD to a version later than 4.9.4 that patches the directory traversal vulnerability.
reference:
- https://owasp.org/www-community/attacks/Pat
2024-04-22
Published