| Description: | | CoreMail is a widely deployed enterprise email system in East Asian markets. The identified flaw exists in the administrative interface exposed through the path /manager/html. Attackers who can reach this interface may inject a crafted directory traversal sequence that ultimately points to the built-in cache directory /lunkr/cache/. By abusing this entry point, it is possible to bypass normal authentication checks and gain unauthorized access to the management console. Once inside, an intruder can create, delete or modify any mailbox, change global server settings, harvest the entire mail store, and implant backdoors that persist across software updates. Because email servers contain not only user correspondence but also address books, calendar data and password-reset channels, a successful compromise frequently becomes the pivot for deeper lateral movement inside the target organization and can lead to large-scale data leakage or business-email-compromise fraud. |