GROWI Path Traversal Vulnerability Allowing Arbitrary EJS Template Execution
Vulnerability
A path traversal vulnerability has been identified in GROWI versions up to and including 7.5.0. It allows an attacker to have the server render an arbitrary EJS template, but only when GROWI is configured to use an email server. The flaw lies in how the path of the EJS template used for outgoing mail is resolved: the template path can be manipulated so that it points outside the intended template directory, and a malicious EJS file that the attacker has previously placed on the server through the file upload feature is then loaded and executed instead of a legitimate template.
Impact
Exploitation of this vulnerability leads to the execution of arbitrary EJS templates on the server. With an administrator session alone, the traversal can be used to read sensitive files on the server, such as configuration files and private keys. If local file uploads are enabled (attachments stored on the server's own filesystem), the attacker can additionally upload a crafted EJS file and have it rendered; because EJS templates embed JavaScript that runs inside the GROWI process, this results in execution of arbitrary OS commands, installation of backdoors, or disruption of service.
Remediation
Users are advised to update GROWI to version 7.5.1 or later. The updated version can be downloaded from GitHub or Docker Hub.
