
A newly disclosed, high-severity vulnerability has been identified in Roundcube Webmail, affecting all versions prior to 1.6.11 and 1.5.10 LTS. This flaw allows authenticated users to execute arbitrary code through PHP object injection due to improper handling of the _from URL parameter.
Key Details:
- CVSS Score: 9.9/10
- Impact: Arbitrary code execution
- Discovered by: Kirill Firsov, CEO of FearsOff
- Affected versions: All versions before 1.6.11 and 1.5.10 LTS
Eenos Servers Already Patched
We want to reassure our customers that all Eenos-powered servers are already updated with the patched version of Roundcube. No action is required on your end — we've got you covered.
If you're running Roundcube elsewhere, it's crucial to update immediately to the latest secure release.
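To check an installation against the affected-version rule above, here is an added example (not Eenos or Roundcube code). It assumes the installed version can be read from a `define('RCMAIL_VERSION', ...)` line, treats branches newer than 1.6 as already fixed, and treats pre-release builds of a fixed version as affected; the sample input is constructed.

```python
import re

# Fixed release per branch, as stated in the advisory above.
FIXED = {(1, 6): (1, 6, 11), (1, 5): (1, 5, 10)}

# Assumption: the install declares its version as define('RCMAIL_VERSION', '...').
DEFINE_RE = re.compile(
    r"""define\(\s*['"]RCMAIL_VERSION['"]\s*,\s*['"]([^'"]+)['"]\s*\)""")
VERSION_RE = re.compile(r"^(\d+)\.(\d+)(?:\.(\d+))?(.*)$")


def extract_version(php_source):
    """Return the version string from a PHP define line, or None."""
    m = DEFINE_RE.search(php_source)
    return m.group(1) if m else None


def is_affected(version):
    """True if the version predates the fixed release of its branch."""
    m = VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {version!r}")
    major, minor, patch = int(m.group(1)), int(m.group(2)), int(m.group(3) or 0)
    suffix = m.group(4)
    fixed = FIXED.get((major, minor))
    if fixed is None:
        # Branches older than 1.5 have no fixed release listed: affected.
        # Assumption: branches newer than 1.6 postdate the fix.
        return (major, minor) < (1, 5)
    if (major, minor, patch) < fixed:
        return True
    # Assumption: a pre-release build of the fixed version (e.g. "-rc")
    # may predate the patch, so it is reported as affected.
    return (major, minor, patch) == fixed and bool(suffix)


if __name__ == "__main__":
    sample = "define('RCMAIL_VERSION', '1.6.10');"  # constructed sample line
    found = extract_version(sample)
    print(found, "AFFECTED" if is_affected(found) else "patched")
```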

Eric Stephen
Sr. Software Engineer
Eric is a Senior Software Engineer. He is a Linux geek and has good knowledge of building custom Linux applications. He is also an expert Python programmer.