← ExploitWatch
HomeExploited Vulnerabilities

CVE-2020-12641 — Actively Exploited: Roundcube Webmail (Roundcube)

Roundcube Webmail contains an remote code execution vulnerability that allows attackers to execute code via shell metacharacters in a configuration setting for im_convert_path or im_identify_path.

CVE IDCVE-2020-12641
VendorRoundcube
ProductRoundcube Webmail
Vulnerability nameRoundcube Webmail Remote Code Execution Vulnerability
Date added2023-06-22
Remediation due2023-07-13
Known ransomware useUnknown
Required actionApply updates per vendor instructions.
DescriptionRoundcube Webmail contains an remote code execution vulnerability that allows attackers to execute code via shell metacharacters in a configuration setting for im_convert_path or im_identify_path.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →