CVE-2016-10033 is a command injection vulnerability in PHPMailer that allows attackers to execute arbitrary code through the mail() function. It is being actively exploited in cyberattacks, risking system compromise and data breaches. Following CISA's July 7 warning, organizations must fix this by July 28, 2025. The vulnerability affects PHPMailer versions prior to v5.2.18. Organizations should upgrade to PHPMailer v5.2.18+ or discontinue use of vulnerable versions immediately.
Source: https://cybersecuritynews.com/phpmailer-command-injection-vulnerability/
TPRM report: https://scoringcyber.rankiteo.com/company/brankovich-lab
"id": "bra627070825",
"linkid": "brankovich-lab",
"type": "Vulnerability",
"date": "7/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"
{'affected_entities': [{'type': 'Web Application Developers'}],
 'attack_vector': 'Command Injection',
 'date_detected': '2025-07-07',
 'date_publicly_disclosed': '2025-07-07',
 'date_resolved': '2025-07-28',
 'description': 'A critical command injection vulnerability in PHPMailer '
                'allows attackers to execute arbitrary code through the mail() '
                'function. This vulnerability is being actively exploited in '
                'cyberattacks, posing significant risks to web applications '
                'worldwide.',
 'investigation_status': 'Under Investigation',
 'motivation': ['System Compromise', 'Data Breach'],
 'post_incident_analysis': {'corrective_actions': ['Upgrade to PHPMailer '
                                                   'v5.2.18+',
                                                   'Discontinue use of '
                                                   'vulnerable versions'],
                            'root_causes': 'Inadequate input sanitization in '
                                           'the mail() function'},
 'recommendations': ['Immediately apply vendor-provided mitigations and '
                     'security patches',
                     'For cloud service deployments, follow BOD 22-01 guidance',
                     'Prioritize the vulnerability in patching schedules',
                     'Conduct thorough assessments of all applications '
                     'utilizing PHPMailer functionality'],
 'references': [{'date_accessed': '2025-07-07', 'source': 'CISA'}],
 'response': {'remediation_measures': ['Upgrade to PHPMailer v5.2.18+',
                                       'Discontinue use of vulnerable '
                                       'versions']},
 'title': 'PHPMailer Command Injection Vulnerability (CVE-2016-10033)',
 'type': 'Vulnerability Exploitation',
 'vulnerability_exploited': 'CVE-2016-10033'}