What is CVE-2016-1000282?

CVE-2016-1000282 is a vulnerability in N/a. Published 2019-02-05.

Is CVE-2016-1000282 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2016-1000282

Haraka version 2.8.8 and earlier comes with a plugin for processing attachments for zip files. Versions 2.8.8 and earlier can be vulnerable to command injection.

EPSS: 0.683 (98.6th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

rapid7/metasploit-framework
ARPSyndicate/cvemon

References

github.com/outflanknl/Exploits/blob/master/harakiri-CVE-2016-1000282.py (x_refsource_MISC)

Frequently asked questions

What is CVE-2016-1000282?: CVE-2016-1000282 is a vulnerability in N/a. Published 2019-02-05.
Is CVE-2016-1000282 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.