Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2020-26032

An SSRF issue was discovered in Zammad before 3.4.1. The SMS configuration interface for Massenversand is implemented in a way that renders the result of a test request to the User. An attacker can use this to request any URL via a GET request from the network interface of the server. This may lead to disclosure of information from intranet systems.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 50.7%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
Products affected by CVE-2020-26032
  • Zammad » Zammad » Version: 1.0.0
    cpe:2.3:a:zammad:zammad:1.0.0
  • Zammad » Zammad » Version: 1.0.1
    cpe:2.3:a:zammad:zammad:1.0.1
  • Zammad » Zammad » Version: 1.0.2
    cpe:2.3:a:zammad:zammad:1.0.2
  • Zammad » Zammad » Version: 1.0.3
    cpe:2.3:a:zammad:zammad:1.0.3
  • Zammad » Zammad » Version: 1.0.4
    cpe:2.3:a:zammad:zammad:1.0.4
  • Zammad » Zammad » Version: 1.1.0
    cpe:2.3:a:zammad:zammad:1.1.0
  • Zammad » Zammad » Version: 1.1.1
    cpe:2.3:a:zammad:zammad:1.1.1
  • Zammad » Zammad » Version: 1.1.2
    cpe:2.3:a:zammad:zammad:1.1.2
  • Zammad » Zammad » Version: 1.1.3
    cpe:2.3:a:zammad:zammad:1.1.3
  • Zammad » Zammad » Version: 1.1.4
    cpe:2.3:a:zammad:zammad:1.1.4
  • Zammad » Zammad » Version: 1.2.0
    cpe:2.3:a:zammad:zammad:1.2.0
  • Zammad » Zammad » Version: 1.2.1
    cpe:2.3:a:zammad:zammad:1.2.1
  • Zammad » Zammad » Version: 1.2.2
    cpe:2.3:a:zammad:zammad:1.2.2
  • Zammad » Zammad » Version: 1.2.3
    cpe:2.3:a:zammad:zammad:1.2.3
  • Zammad » Zammad » Version: 1.3.0
    cpe:2.3:a:zammad:zammad:1.3.0
  • Zammad » Zammad » Version: 1.3.1
    cpe:2.3:a:zammad:zammad:1.3.1
  • Zammad » Zammad » Version: 1.3.2
    cpe:2.3:a:zammad:zammad:1.3.2
  • Zammad » Zammad » Version: 1.4.0
    cpe:2.3:a:zammad:zammad:1.4.0
  • Zammad » Zammad » Version: 1.4.1
    cpe:2.3:a:zammad:zammad:1.4.1
  • Zammad » Zammad » Version: 1.5.0
    cpe:2.3:a:zammad:zammad:1.5.0
  • Zammad » Zammad » Version: 1.5.1
    cpe:2.3:a:zammad:zammad:1.5.1
  • Zammad » Zammad » Version: 1.6.0
    cpe:2.3:a:zammad:zammad:1.6.0
  • Zammad » Zammad » Version: 1.6.1
    cpe:2.3:a:zammad:zammad:1.6.1
  • Zammad » Zammad » Version: 2.0.0
    cpe:2.3:a:zammad:zammad:2.0.0
  • Zammad » Zammad » Version: 2.0.1
    cpe:2.3:a:zammad:zammad:2.0.1
  • Zammad » Zammad » Version: 2.1.0
    cpe:2.3:a:zammad:zammad:2.1.0
  • Zammad » Zammad » Version: 2.1.1
    cpe:2.3:a:zammad:zammad:2.1.1
  • Zammad » Zammad » Version: 2.1.2
    cpe:2.3:a:zammad:zammad:2.1.2
  • Zammad » Zammad » Version: 2.10.0
    cpe:2.3:a:zammad:zammad:2.10.0
  • Zammad » Zammad » Version: 2.2.0
    cpe:2.3:a:zammad:zammad:2.2.0
  • Zammad » Zammad » Version: 2.2.1
    cpe:2.3:a:zammad:zammad:2.2.1
  • Zammad » Zammad » Version: 2.2.2
    cpe:2.3:a:zammad:zammad:2.2.2
  • Zammad » Zammad » Version: 2.3.0
    cpe:2.3:a:zammad:zammad:2.3.0
  • Zammad » Zammad » Version: 2.3.1
    cpe:2.3:a:zammad:zammad:2.3.1
  • Zammad » Zammad » Version: 2.4.0
    cpe:2.3:a:zammad:zammad:2.4.0
  • Zammad » Zammad » Version: 2.4.1
    cpe:2.3:a:zammad:zammad:2.4.1
  • Zammad » Zammad » Version: 2.5.0
    cpe:2.3:a:zammad:zammad:2.5.0
  • Zammad » Zammad » Version: 2.5.1
    cpe:2.3:a:zammad:zammad:2.5.1
  • Zammad » Zammad » Version: 2.6.0
    cpe:2.3:a:zammad:zammad:2.6.0
  • Zammad » Zammad » Version: 2.6.1
    cpe:2.3:a:zammad:zammad:2.6.1
  • Zammad » Zammad » Version: 2.7.0
    cpe:2.3:a:zammad:zammad:2.7.0
  • Zammad » Zammad » Version: 2.7.1
    cpe:2.3:a:zammad:zammad:2.7.1
  • Zammad » Zammad » Version: 2.7.2
    cpe:2.3:a:zammad:zammad:2.7.2
  • Zammad » Zammad » Version: 2.8.0
    cpe:2.3:a:zammad:zammad:2.8.0
  • Zammad » Zammad » Version: 2.8.1
    cpe:2.3:a:zammad:zammad:2.8.1
  • Zammad » Zammad » Version: 2.9.0
    cpe:2.3:a:zammad:zammad:2.9.0
  • Zammad » Zammad » Version: 3.0.0
    cpe:2.3:a:zammad:zammad:3.0.0
  • Zammad » Zammad » Version: 3.0.1
    cpe:2.3:a:zammad:zammad:3.0.1
  • Zammad » Zammad » Version: 3.1.0
    cpe:2.3:a:zammad:zammad:3.1.0
  • Zammad » Zammad » Version: 3.1.1
    cpe:2.3:a:zammad:zammad:3.1.1
  • Zammad » Zammad » Version: 3.2.0
    cpe:2.3:a:zammad:zammad:3.2.0
  • Zammad » Zammad » Version: 3.2.1
    cpe:2.3:a:zammad:zammad:3.2.1
  • Zammad » Zammad » Version: 3.3.0
    cpe:2.3:a:zammad:zammad:3.3.0
  • Zammad » Zammad » Version: 3.3.1
    cpe:2.3:a:zammad:zammad:3.3.1
  • Zammad » Zammad » Version: 3.4.0
    cpe:2.3:a:zammad:zammad:3.4.0


Products
Pricing
Contact Us

Shodan ® - All rights reserved