IPCop
cpe:2.3:o:ipcop:ipcop:*:*:*:*:*:*:*
- <= 2.1.9
A remote code execution vulnerability has been identified in IPCop versions through 2.1.9. This issue resides within the web-based administration interface, specifically in the email configuration component. The vulnerability arises because user-controlled values, such as the EMAIL_PW parameter, are inserted into system-level operations without adequate input sanitization. An authenticated attacker can exploit this by embedding shell metacharacters in the email password field and triggering a save-and-test-mail action. This allows the execution of arbitrary operating system commands with the same privileges as the web interface, leading to a complete system compromise.
Exploitation of this vulnerability allows for authenticated remote code execution, with executed commands running under the privileges of the web interface.
To reproduce this vulnerability, log into the IPCop web administration interface and navigate to the email configuration component. Insert shell metacharacters into the EMAIL_PW parameter, which is the email password field. After modifying the field, issue a save-and-test-mail action. This will trigger the execution of the injected commands on the server.
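The root cause described above, shown as an added example (not IPCop's code, which this page does not include): the password value is pasted into a shell command line instead of being passed as data. The helper commands are hypothetical stand-ins for a mail-test program, and the sample values are constructed.

```python
import shlex
import subprocess
import sys

# Hypothetical stand-ins for a mail-test helper: each echoes the password it receives.
ECHO_ARG = [sys.executable, "-c", "import sys; print(sys.argv[1])"]
ECHO_STDIN = [sys.executable, "-c", "import sys; print(sys.stdin.read())"]


def send_via_shell(email_pw):
    """Vulnerable pattern: the value is pasted into a shell command line."""
    cmd = shlex.join(ECHO_ARG) + " " + email_pw
    out = subprocess.run(cmd, shell=True, capture_output=True, text=True)
    return out.stdout.splitlines()


def send_via_argv(email_pw):
    """Hardened: no shell is involved; the value is exactly one argv element."""
    out = subprocess.run(ECHO_ARG + [email_pw], capture_output=True, text=True)
    return out.stdout.splitlines()


def send_via_stdin(email_pw):
    """Hardened, and the secret also stays out of the process listing."""
    out = subprocess.run(ECHO_STDIN, input=email_pw, capture_output=True, text=True)
    return out.stdout.splitlines()


# Constructed sample values: a benign marker command, and a legitimate
# password that happens to contain a shell metacharacter.
MARKER = "secret; echo INJECTED"
LEGIT = "Winter$2024!"

if __name__ == "__main__":
    for name, fn in (("shell", send_via_shell),
                     ("argv", send_via_argv),
                     ("stdin", send_via_stdin)):
        print(f"{name:5} marker={fn(MARKER)} legit={fn(LEGIT)}")
```

The shell variant also corrupts the legitimate password, which is why rejecting metacharacters in a password field is a poor fix compared with never handing the value to a shell.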