AI description
CVE-2025-49113 is a remote code execution vulnerability affecting Roundcube Webmail versions before 1.5.10 and 1.6.x before 1.6.11. It stems from insufficient validation of the `_from` parameter in `program/actions/settings/upload.php`. This lack of validation allows PHP Object Deserialization, potentially enabling authenticated users to execute arbitrary code on the Roundcube Webmail server. The vulnerability is fixed in Roundcube Webmail versions 1.5.10 and 1.6.11.
- Description: Roundcube Webmail before 1.5.10 and 1.6.x before 1.6.11 allows remote code execution by authenticated users because the _from parameter in a URL is not validated in program/actions/settings/upload.php, leading to PHP Object Deserialization.
- Source: cve@mitre.org
- NVD status: Awaiting Analysis
CVSS 3.1
- Type: Secondary
- Base score: 9.9
- Impact score: 6
- Exploitability score: 3.1
- Vector string: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
- Severity: CRITICAL
- cve@mitre.org
- CWE-502
- Hype score: Not currently trending
CVE-2025-49113 – Roundcube Webmail RCE Exploit https://t.co/tR5pyJwGD6 https://t.co/dS17s6pl0m
@cyber_advising
21 Jul 2025
10312 Impressions
48 Retweets
186 Likes
101 Bookmarks
2 Replies
0 Quotes
RCE in Roundcube (CVE-2025-49113): 10 years in the code, public exploit since June 5, real attacks confirmed. Patch now! #Roundcube #FearsOff ➡️ https://t.co/Iwrf5tJ0rs https://t.co/579eDF6fW8
@leonov_av
21 Jul 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#𝒜𝔫𝑜𝔫𝒚𝔪𝑜𝖚𝙨 #FuckIsrael #FreePalestine #OpIsrael #FreeGaza #StopGenocideOfPalestinians Israel webmail servers is Ꮒ𝘢𝔠𝕜𝖊𝕕 Ƅ𝒚 𝕜𝕣𝑜𝕜𝖊𝕥𝖊𝘢𝙨𝒊𝔫𝕘, CVE-2025-49113 is a critical vulnerability affecting
@Lulz_BinBash
13 Jul 2025
154 Impressions
1 Retweet
6 Likes
1 Bookmark
0 Replies
0 Quotes
CVE-2025-49113 https://t.co/yqNuZLefAL
@Dwaynejohn000
12 Jul 2025
28 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-49113
@transilienceai
9 Jul 2025
27 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-49113
@transilienceai
28 Jun 2025
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Just published a write-up on CVE-2025-49113 – a critical authenticated RCE in Roundcube Webmail. https://t.co/aMG5AiyezC #RedTeam #CVE2025_49113 #TryHackMe
@z41b1337
27 Jun 2025
30 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Ready to tackle another legendary CVE? 💥 Just added to Hackviser Labs: A hands-on lab for Roundcube ≤ 1.6.10 Post-Auth RCE (CVE-2025-49113) 🚀 Perfect for security professionals and enthusiasts looking to understand and practice with real-world vulnerabilities 💪 Che
@hackviserr
26 Jun 2025
146 Impressions
2 Retweets
6 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-49113 https://t.co/ExTddikABq
@40sp3l
24 Jun 2025
26527 Impressions
111 Retweets
840 Likes
521 Bookmarks
6 Replies
0 Quotes
CVE-2025-49113-Scanner – Security Advisory 🔍 Description: Critical RCE vulnerability in certain web services. This tool checks and exploits the issue automatically. 🛠️ Exploitation Script: https://t.co/DWqjMEvHdg https://t.co/pWwd1aHwor
@issam_juniorx
23 Jun 2025
16 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🦜🐻❄️🐱YouTube video walk through for TryHackMe Roundcube: CVE-2025-49113 🦊🐥CVE-2025-49113 is a Post-Authentication Remote Code Execution (RCE) vulnerability in Roundcube webmail (versions ≤ 1.6.10) caused by unsafe PHP object deserialization. Video link i
@DjalilAyed
23 Jun 2025
77 Impressions
1 Retweet
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-49113
@transilienceai
23 Jun 2025
35 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Getting hands on with CVE-2025-49113. https://t.co/Xo5cRCzrcm #tryhackme via @realtryhackme
@p0rkchxp
22 Jun 2025
24 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-49113
@transilienceai
22 Jun 2025
17 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-49113
@transilienceai
21 Jun 2025
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-49113
@transilienceai
21 Jun 2025
24 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-49113
@transilienceai
19 Jun 2025
31 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-49113
@transilienceai
19 Jun 2025
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🚨CVE-2025-49113, #Roundcube webmail #RCE vulnerability! Remote code execution from just an email subject line⚠️ A backdoor may be installed through remote commands from a malicious email. 🔍56,000
@CriminalIP_JP
19 Jun 2025
22 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
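🚨CVE-2025-49113, #Roundcube webmail #RCE vulnerability! Remote code execution from just an email subject line⚠️ If a malicious email is received, a backdoor can be installed through the attacker's remote commands. 🔍Check the roughly 56,000 externally exposed instances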
@CriminalIP_KR
19 Jun 2025
76 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
General update deployed across all maintained servers, our own and third-party, to provide #RoundCube 1.6.11 and fix the critical flaw CVE-2025-49113: https://t.co/1eqGonUsVh
@ASPLhosting
18 Jun 2025
24 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
TryHackMe | Roundcube: CVE-2025-49113 | WriteUp https://t.co/bkp3artOUm
@sn0optsz
18 Jun 2025
22 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Day 15: Analyzed CVE-2025-49113 - CRITICAL RCE in Roundcube Webmail! CVSS: 9.9/10 | EPSS: 73.08% | 84K+ vulnerable installs Article link : https://t.co/kW9KNHYAjz #LSPPDay15 #60DaysOfLearning2025 #LearningWithLeapfrog @lftechnology
@itsdavidmandal
17 Jun 2025
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Roundcube hit by critical zero-day as hackers sell exploit for CVE-2025-49113, enabling remote code execution in popular webmail platform. #CyberSecurity #ZeroDay #RoundcubeExploit https://t.co/6DG63LLywc
@CyberSecTV_eu
17 Jun 2025
56 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Roundcube. Exploring CVE-2025-49113. https://t.co/p6rA3nKVZ2 #tryhackme via @realtryhackme
@stefan_pauly
17 Jun 2025
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
NEW RECENT THREAT: Roundcube: CVE-2025-49113 🔗 https://t.co/ZZLIh8F9H6 From webmail access to system access: Explore Roundcube's recent vulnerability in a lab environment. Learn how it works, how to exploit it, and how to mitigate it. 🔴 https://t.co/e4eM2Bfh6J
@RealTryHackMe
16 Jun 2025
4404 Impressions
9 Retweets
75 Likes
11 Bookmarks
0 Replies
0 Quotes
🐞 🪲 New room Roundcube: CVE-2025-49113 from TryHackMe 😸 Exploit CVE-2025-49113 in a lab environment. 🪝 This vulnerability allows remote code execution (RCE) by authenticated users Room link in first comment: 🦜🦜⤵️⤵️ https://t.co/m1cP2I6HEc
@DjalilAyed
16 Jun 2025
83 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Top 5 Trending CVEs: 1 - CVE-2025-33053 2 - CVE-2025-3052 3 - CVE-2025-49113 4 - CVE-2025-33073 5 - CVE-2025-25022 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
16 Jun 2025
13 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🤬CVE-2025-49113: Post‑Auth Remote Code Execution in Roundcube via PHP Object Deserialization FOFA Link: https://t.co/wOdnSinywG FOFA Query: app="roundcube" Results: 51,584,735 Advisory: https://t.co/sWPSYiVk2z CVSS: 9.9 https://t.co/i45cBNBtyu
@TheMsterDoctor1
15 Jun 2025
4602 Impressions
28 Retweets
95 Likes
53 Bookmarks
3 Replies
0 Quotes
https://t.co/ejF6ZL2Q6A was NOT compromised via CVE-2025-49113 Roundcube RCE, according to them they are running older version of Roundcube, immune to the exploit. Nothing ever happens. Read more: https://t.co/iPYrP4EhFF https://t.co/erdLgPK5dc
@svobodacenter
15 Jun 2025
80 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨CVE-2025-49113: Post‑Auth Remote Code Execution in Roundcube via PHP Object Deserialization FOFA Link: https://t.co/GeGdXSS1pj… FOFA Query: app="roundcube" Results: 51,584,735 Advisory: https://t.co/ELitlTM4bg… https://t.co/BJcfEYQL5C
@JackNike317913
15 Jun 2025
43 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨CVE-2025-49113: Post‑Auth Remote Code Execution in Roundcube via PHP Object Deserialization FOFA Link: https://t.co/n8KZhhhs11 FOFA Query: app="roundcube" Results: 51,584,735 Advisory: https://t.co/ctSkVwwXDk CVSS: 9.9 https://t.co/u51dKTv92k
@DarkWebInformer
13 Jun 2025
7956 Impressions
29 Retweets
129 Likes
65 Bookmarks
2 Replies
0 Quotes
🚨 CVE-2025-49113 #RCE Alert! A 10-year-old flaw in Roundcube Webmail is now weaponized. Attackers exploit PHP deserialization to run arbitrary code. Over 1.9M instances at risk! 📄 Read full advisory: https://t.co/M8L5gynxA5 #CyberSecurity https://t.co/NZihmnHBTL
@sequretek_sqtk
13 Jun 2025
35 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
More than 84,000 Roundcube mail systems are vulnerable worldwide Security researcher Kiril Firsov discovered the vulnerability tracked as CVE-2025-49113, which allows remote code execution (RCE) in the webmail service called Roundcube, 1.1.0 and the
@linuxmint_hun
13 Jun 2025
18 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Critical Roundcube Webmail RCE (CVE-2025-49113) 🚨 A 10-year-old flaw in Roundcube Webmail is actively exploited for Remote Code Execution (CVSS 9.9). Over 84,000 servers at risk. ✅ Patch ASAP to 1.6.11 / 1.5.10. 🚫 Stop potential full server compromise. #Roundcube
@ZBounty18591
13 Jun 2025
10 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
⚠ Critical RCE in Roundcube Mail (CVE-2025-49113)! #Mageia 9’s latest update patches a Post-Auth Remote Code Execution flaw. If you self-host email: ✅ Update NOW ✅ Audit logs ✅ Check for IOCs Read more: 👇https://t.co/hG7xhBvdL4 #InfoSec #SysAdmin https://t.co/4D9
@Cezar_H_Linux
12 Jun 2025
30 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Vulnerability in Roundcube Webmail: A critical flaw (CVE-2025-49113, CVSS 9.9) in Roundcube Webmail allows authenticated users to take full control of servers. Patches were released on 1 June 2025, but many installations remain exposed. https://t.co/4XM9Dn
@AlfonsoBalcells
12 Jun 2025
49 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 #CVE-2025-49113 – Authenticated RCE in Roundcube via Unsafe Deserialization in upload.php https://t.co/jH1wZZNjdE Educational Purposes!
@UndercodeUpdate
11 Jun 2025
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Roundcube Mail backend code execution vulnerability reproduction (CVE-2025-49113) and POC
@WenhuaGui
11 Jun 2025
49 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Exploitation of vulnerability affects over 80,000 Roundcube servers (CVE-2025-49113) https://t.co/jH5Wekq1Q4 #Security #セキュリティ #ニュース
@SecureShield_
11 Jun 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Over 84,000 Roundcube webmail installations are vulnerable to CVE-2025-49113, a critical remote code execution flaw affecting versions 1.1.0 to 1.6.10. https://t.co/TI9Ac6WbJt
@securityRSS
10 Jun 2025
16 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Exploited Vulnerability Impacts Over 80,000 Roundcube Servers Over 85,000 Roundcube webmail servers are vulnerable to a critical RCE flaw (CVE-2025-49113, CVSS 9.9) affecting versions 1.1.0 to 1.6.10. The bug, a PHP Object Injection issue stemming from mishandled variable names,
@dCypherIO
10 Jun 2025
37 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🗞️ Over 84,000 Roundcube webmail instances are vulnerable to a critical remote code execution flaw (CVE-2025-49113), with public exploits circulating and active attacks likely. System admins are urged to patch to versions 1.6.11 or 1.5.10 immediately Key takeaways: 🧵 htt
@gossy_84
10 Jun 2025
75 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
More than 84,000 Roundcube instances exposed to a critical, actively exploited remote code execution (RCE) flaw (CVE-2025-49113). https://t.co/moIuwjwSnp
@cert_ist
10 Jun 2025
15 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-49113 - Roundcube - Remote Code Execution
@ghostbugste
10 Jun 2025
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Over 80,000 Roundcube servers running versions 1.1.0 to 1.6.10 are vulnerable to a critical remote code execution flaw (CVE-2025-49113). Exploitation via brute-force or log extraction poses major risks. 🔓 #Webmail #Vulnerability #UK https://t.co/wEyQ9OfV0C
@TweetThreatNews
10 Jun 2025
13 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Roundcube RCE: Dark Web Activity Signals Imminent Attacks (CVE-2025-49113) As digital defense becomes an integral part of the twenty-first-century b https://t.co/r8N4OXxaih https://t.co/901jgwtEPw
@AegisLens
10 Jun 2025
41 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Over 84,000 Roundcube instances at risk due to CVE-2025-49113 RCE vulnerability with public exploit available. Take immediate action. #CyberSecurity #InfoSec https://t.co/uWHt6sQuMM
@not2cleverdotme
10 Jun 2025
46 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 More than 84,000 Roundcube servers are vulnerable to the critical flaw CVE-2025-49113. A public exploit already exists and they are at risk of active exploitation. Updating urgently to version 1.6.11 is recommended. #Roundcube #CVE202549113 #SISAPNews https://t.co/GeP9F
@SISAP_LATAM
10 Jun 2025
39 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Over 84,000 Roundcube instances vulnerable, at risk of active exploitation (CVE-2025-49113) https://t.co/VF8MSEENtk #Security #セキュリティ #ニュース
@SecureShield_
10 Jun 2025
29 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes