Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2025-50340 PoC — SOGo Webmail 安全漏洞

Source
https://github.com/millad7/SOGo_web_mail-vulnerability-CVE-2025-50340
Associated Vulnerability
Title:SOGo Webmail 安全漏洞 (CVE-2025-50340)
Description:An Insecure Direct Object Reference (IDOR) vulnerability was discovered in SOGo Webmail thru 5.6.0, allowing an authenticated user to send emails on behalf of other users by manipulating a user-controlled identifier in the email-sending request. The server fails to verify whether the authenticated user is authorized to use the specified sender identity, resulting in unauthorized message delivery as another user. This can lead to impersonation, phishing, or unauthorized communication within the system. NOTE: this is disputed by the Supplier because the only effective way to prevent this sender spoofing is on the SMTP server, not within a client such as SOGo.
Description
Insecure Direct Object Reference (IDOR vulnerability) in SOGo Webmail Allows a user to send emails on behalf of  another user.
Readme
# CVE-2025-50340: Insecure Direct Object Reference (IDOR vulnerability) in SOGo Webmail

CVE ID: CVE-2025-50340  
Reporter: Milad Seddigh  
Product: SOGo  
Affected Versions: v5.6.0  
Impact: Insecure Direct Object Reference (IDOR vulnerability) → Allows the user to send emails on behalf of another user. 

## Summary

An Insecure Direct Object Reference (IDOR) vulnerability was discovered in SOGo Webmail, allowing an 
authenticated user to send emails on behalf of other users by manipulating a user-controlled identifier in the email
sending request. The server fails to verify whether the authenticated user is authorized to use the specified sender 
identity, resulting in unauthorized message delivery as another user. This can lead to impersonation, phishing, or 
unauthorized communication within the system. 

## Steps to Reproduce

1- Login to your account. 
2- Send an email and intercept your request using Burp Suite. 
3- Change the “from” parameter to victim’s email address to send on behalf of victim. 
4- The response server shows the success in sending the email on behalf of another user. 

## Mitigation

Enforce Proper Authorization:
Implement strict server-side authorization checks to ensure that users can only perform actions on resources they are explicitly authorized to access.
Verify that the authenticated user is the rightful owner of the email identity being used as the sender (from address).
File Snapshot

 [4.0K]  /data/pocs/57cdfcb1f50edded9b94a1784605aa4bfd8252cd
├── [1.4K]  CVE-2025-50340
└── [1.4K]  README.md

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →