Vulnerability found in PHPMailer, a popular PHP mail-sending library with 9 million users worldwide; patch released



A serious vulnerability has been discovered in "PHPMailer", a library widely used for sending mail from PHP. A patch has already been released, and prompt updating is recommended.

Critical PHPMailer Flaw leaves Millions of Websites Vulnerable to Remote Exploit
http://thehackernews.com/2016/12/phpmailer-security.html

PHPMailer is an open-source PHP library for sending mail without using mail software. It is widely used to send e-mail from the comment and entry forms often found on websites, and is a popular library with 9 million users worldwide.

According to Polish security expert Dawid Golunski, who discovered the vulnerability, exploiting it could allow an unauthorized remote attacker to execute arbitrary code in the context of the web server user, get into the target web application and bring it under remote control.

PHPMailer-Exploit-Remote-Code-Exec-CVE-2016-10033-Vuln
https://legalhackers.com/advisories/PHPMailer-Exploit-Remote-Code-Exec-CVE-2016-10033-Vuln.html


A proof of concept (PoC) for this issue is also scheduled to be released at a later date on the following page.

PHPMailer Exploit - Video PoC
https://legalhackers.com/videos/PHPMailer-Exploit-Remote-Code-Exec-Vuln-CVE-2016-10033-PoC.html


Mr. Golunski immediately contacted the developer of the library, and the latest version, "PHPMailer 5.2.18", which includes the patch, has been published on GitHub. If you keep using an earlier version as it is, it may be abused, so you need to respond promptly.

Posted by darkhorse_log in Software, Security