Roundcube Webmail, a popular open-source web-based IMAP email client, has released version 1.6.14, which includes important security updates for several serious flaws in the 1.6.x branch. The release fixes a pre-authentication arbitrary file write, cross-site scripting (XSS) and server-side request forgery (SSRF), among other issues. System administrators are strongly advised to apply this update to protect their mail infrastructure from exploitation by threat actors.

Addressed Critical Vulnerabilities

The most serious vulnerability fixed in this release is a pre-authentication arbitrary file write. Security researcher y0us found the problem, which is caused by unsafe deserialization in the Redis and Memcached session handlers.

Because exploitation requires no login, the flaw poses a serious remote code execution risk to affected web servers; an attacker who exploited it could take full control of the application environment. The update also fixes an SSRF and information disclosure vulnerability.

Georgios Tsimpidas reported that this flaw let attackers use stylesheet links to reach hosts on the local network, which could be used to map the internal network or pull sensitive information from internal services that are not normally reachable from the public internet. Version 1.6.14 also fixes a serious logic error in account management: security researcher Flydragon777 reported that attackers could change an account password without knowing the old one.

This weakened account security considerably and could have led to full account takeover if an attacker hijacked an active session even briefly. The Martila Security Research Team also found a vulnerability in the mail search function that allowed IMAP injection and a Cross-Site Request Forgery (CSRF) bypass. This flaw could let attackers alter backend mail server commands and perform actions the currently authenticated user never authorized.
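The IMAP injection class of bug above comes from splicing user-supplied search text straight into a protocol command line. The following is an added example, not Roundcube's own code, showing the mitigation a mail client should apply: every user string is sent as an IMAP quoted string (with quotes and backslashes escaped) or, when it contains line breaks or non-ASCII bytes, as a length-prefixed literal that the server counts rather than parses. The function names, the whitelist of search keys, and the sample inputs are the author's own assumptions.

```python
"""Added example (not Roundcube's code): encoding user text safely for an
IMAP SEARCH command, per the quoted-string and literal forms of RFC 3501."""

# Only these SEARCH keys are accepted from the caller (assumed whitelist).
ALLOWED_SEARCH_KEYS = {"FROM", "TO", "CC", "BCC", "SUBJECT", "BODY", "TEXT"}


def imap_astring(value):
    """Encode one user-supplied string as an IMAP quoted string or literal.

    Returns a list of one segment (quoted string) or two segments
    (literal length prefix ending in CRLF, then the raw data)."""
    data = value.encode("utf-8")
    if all(0x20 <= b < 0x7F for b in data):
        # Printable 7-bit text: quoted string, escaping only '"' and '\'.
        escaped = data.replace(b"\\", b"\\\\").replace(b'"', b'\\"')
        return [b'"' + escaped + b'"']
    # Anything else (CR, LF, control or 8-bit bytes): a literal. The server
    # reads exactly len(data) bytes after the continuation, so nothing inside
    # the data can be mistaken for command syntax.
    return [b"{%d}\r\n" % len(data), data]


def build_search_command(tag, criteria):
    """Build the wire segments for `tag SEARCH CHARSET UTF-8 key value ...`.

    `criteria` is a list of (key, user_text) pairs. Each returned segment that
    ends with "{n}\\r\\n" must be written, and the server's "+" continuation
    awaited, before the following segment is sent."""
    segments = [tag.encode("ascii") + b" SEARCH CHARSET UTF-8"]
    for key, text in criteria:
        key = key.upper()
        if key not in ALLOWED_SEARCH_KEYS:
            raise ValueError("unsupported search key: %s" % key)
        pieces = imap_astring(text)
        segments[-1] += b" " + key.encode("ascii") + b" " + pieces[0]
        if len(pieces) == 2:
            segments.append(pieces[1])  # literal data starts its own segment
    segments[-1] += b"\r\n"
    return segments


if __name__ == "__main__":
    # Constructed sample inputs: embedded quotes, and an embedded line break.
    for seg in build_search_command("A001", [("SUBJECT", 'say "hi"')]):
        print(repr(seg))
    for seg in build_search_command("A002", [("FROM", "alice\r\nbob")]):
        print(repr(seg))
```

The point of the literal form is that a line break in the search text can never terminate the command early: the server is told the byte count first and consumes exactly that many bytes. The key whitelist stops the caller from turning the key name itself into arbitrary protocol words.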

Bypasses for Client-Side Security

The development team also fixed a number of client-side security holes that could let malicious payloads execute in, or track, the victim's browser. Aikido_security reported an XSS vulnerability in the HTML attachment preview feature, which has been fixed.

The fixes also close several remote image blocking bypasses. A researcher named nullcathedral reported bypasses that used various SVG animate attributes and the body background attribute. Blocking remote images is an important privacy feature that stops email senders from using tracking pixels to see whether an email was opened.
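Remote image blocking only works if the sanitizer looks at every channel through which an HTML email can fetch a remote resource, not just `<img src>`. The following is an added example, not Roundcube's own code, of a scanner that flags remote references in an email body, including the two channels named above (the legacy `background` attribute on `<body>` and SVG `<animate>`/`<set>` elements that animate an `href` to a remote URL) and, going slightly beyond the article, `url()` references inside inline `style` attributes. The element and attribute tables and the sample message are the author's own constructed assumptions.

```python
"""Added example (not Roundcube's code): find remote resource references in
an HTML email body, including body background and SVG animate bypasses."""
import re
from html.parser import HTMLParser

# Remote means http(s) or protocol-relative; cid:, data: and relative URLs
# do not leak anything to the sender.
REMOTE_URL = re.compile(r"^\s*(?:https?:)?//", re.IGNORECASE)
CSS_URL = re.compile(r"url\(\s*['\"]?\s*((?:https?:)?//[^'\")\s]+)", re.IGNORECASE)

# Attributes that trigger a fetch when present on these elements (assumed
# table; the legacy background attribute is still honoured by browsers).
FETCHING_ATTRS = {
    "img": ("src", "srcset"),
    "body": ("background",),
    "table": ("background",),
    "td": ("background",),
    "image": ("href", "xlink:href"),   # SVG <image>
    "link": ("href",),
    "video": ("src", "poster"),
    "audio": ("src",),
    "source": ("src", "srcset"),
}
# SVG animation elements can rewrite href/xlink:href after sanitising ran.
ANIMATION_ELEMENTS = {"animate", "set", "animatemotion"}
ANIMATION_VALUE_ATTRS = ("to", "from", "values", "by")


class RemoteRefScanner(HTMLParser):
    """Collect (tag, attribute, url) triples for every remote reference."""

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)  # HTMLParser lowercases tag and attribute names
        for name in FETCHING_ATTRS.get(tag, ()):
            for candidate in (attrs.get(name) or "").split(","):
                url = candidate.strip().split(" ")[0]  # srcset: "url 2x, ..."
                if REMOTE_URL.match(url):
                    self.findings.append((tag, name, url))
        if tag in ANIMATION_ELEMENTS:
            target = (attrs.get("attributename") or "").lower()
            if target in ("href", "xlink:href"):
                for name in ANIMATION_VALUE_ATTRS:
                    for url in (attrs.get(name) or "").split(";"):
                        url = url.strip()
                        if REMOTE_URL.match(url):
                            self.findings.append((tag, name, url))
        for url in CSS_URL.findall(attrs.get("style") or ""):
            self.findings.append((tag, "style", url))


def find_remote_references(html):
    """Return all remote references found in `html`, in document order."""
    scanner = RemoteRefScanner()
    scanner.feed(html)
    scanner.close()
    return scanner.findings


# Constructed sample message: one inline (cid:) image that is fine, and three
# remote references hidden in channels a naive <img>-only filter would miss.
SAMPLE_EMAIL = """<html><body background="https://tracker.example/bg.gif">
<p>Hello</p>
<img src="cid:logo@local" alt="inline logo">
<svg><image href="cid:pic"><animate attributeName="href" to="https://tracker.example/p.gif"/></image></svg>
<div style="background-image:url('https://tracker.example/c.png')"></div>
</body></html>"""

if __name__ == "__main__":
    for finding in find_remote_references(SAMPLE_EMAIL):
        print(finding)
```

A mail client would use findings like these to strip or rewrite the offending attributes before rendering, and would treat an animation element that targets `href` as something to remove outright rather than try to filter value by value.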

The same researcher also found a bug that allowed fixed-position mitigations to be bypassed by misusing the CSS !important rule; this has now been fully fixed. Alongside the security fixes, version 1.6.14 includes a functional patch that fixes PostgreSQL database connections that use IPv6 addresses. The Roundcube development team considers this release very stable.

They recommend that administrators update all production Roundcube 1.6.x installations right away to harden their environments.

To avoid unexpected data loss, system administrators should securely back up all database and application data before starting the upgrade. The update packages, cryptographic signatures, and source code are available from the official Roundcube GitHub repository.
