CVEs-PoC/2018/CVE-2018-6289.md

### [CVE-2018-6289](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6289)
![](https://img.shields.io/static/v1?label=Product&message=Kaspersky%20Secure%20Mail%20Gateway&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Configuration%20file%20injection%20leading%20to%20Code%20Execution%20as%20Root&color=brighgreen)

### Description

Configuration file injection leading to Code Execution as Root in Kaspersky Secure Mail Gateway version 1.1.

### POC

#### Reference
- https://support.kaspersky.com/vulnerability.aspx?el=12430#010218
- https://www.coresecurity.com/advisories/kaspersky-secure-mail-gateway-multiple-vulnerabilities

#### Github
- https://github.com/lean0x2F/lean0x2f.github.io