Bulwark Webmail: Missing Cookie Validation in verifyIdentity() Leads to Authentication Bypass

Platform

other

Component

webmail

Fixed version

1.4.11

AI Confidence: high | NVD | EPSS 0.1% | Reviewed: May 2026

CVE-2026-34834 describes an authentication bypass vulnerability in Bulwark Webmail, a self-hosted webmail client for Stalwart Mail Server. The verifyIdentity() function does not properly validate the session cookie, so an unauthenticated attacker can pass the security check and potentially read or modify user settings. Versions of Bulwark Webmail prior to 1.4.10 are affected; the fix is available in version 1.4.10.
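The page names the bug class (a cookie that is consumed without being validated) but does not reproduce Bulwark's verifyIdentity() source. The following added example is not Bulwark's code; it is a hypothetical, self-contained Python model of the same class, with the flawed identity check beside a hardened one. The cookie layout (base64 JSON claims, a dot, then an HMAC-SHA256 tag), the key, the cookie name and the tiny /api/settings handler are all assumptions made for illustration.

```python
import base64
import hashlib
import hmac
import json
import time
from typing import Optional, Tuple

# Hypothetical server-side signing key (assumption: a real deployment loads it from config).
SECRET_KEY = b"example-key-for-illustration-only"
COOKIE_NAME = "session"  # assumed cookie name


def _b64e(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).decode().rstrip("=")


def _b64d(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def issue_session_cookie(user: str, *, now: Optional[int] = None, ttl: int = 3600,
                         key: bytes = SECRET_KEY) -> str:
    """Mint a cookie of the form base64(claims).base64(hmac_sha256(key, claims))."""
    now = int(time.time()) if now is None else now
    claims = json.dumps({"sub": user, "exp": now + ttl}, separators=(",", ":")).encode()
    tag = hmac.new(key, claims, hashlib.sha256).digest()
    return f"{_b64e(claims)}.{_b64e(tag)}"


def forge_cookie(user: str, now: int) -> str:
    """What an attacker without the key can produce: plausible claims and a junk tag."""
    claims = json.dumps({"sub": user, "exp": now + 10**6}, separators=(",", ":")).encode()
    junk_tag = _b64e(bytes(32))
    return f"{_b64e(claims)}.{junk_tag}"


def verify_identity_vulnerable(cookies: dict, *, now: Optional[int] = None) -> Optional[str]:
    """Flawed pattern: decodes the claims and trusts them without checking the tag or expiry.
    Whoever can write a Cookie header can name any user they like."""
    cookie = cookies.get(COOKIE_NAME)
    if not cookie:
        return None
    try:
        claims = json.loads(_b64d(cookie.split(".", 1)[0]))
    except ValueError:  # covers bad base64 and bad JSON
        return None
    return claims.get("sub")


def verify_identity_hardened(cookies: dict, *, now: Optional[int] = None,
                             key: bytes = SECRET_KEY) -> Optional[str]:
    """Validate before trusting: well-formed, tag matches (constant-time), not expired."""
    now = int(time.time()) if now is None else now
    cookie = cookies.get(COOKIE_NAME)
    if not cookie or "." not in cookie:
        return None
    claims_b64, tag_b64 = cookie.split(".", 1)
    try:
        claims_raw = _b64d(claims_b64)
        tag = _b64d(tag_b64)
        claims = json.loads(claims_raw)
    except ValueError:
        return None
    expected = hmac.new(key, claims_raw, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    if not isinstance(claims.get("sub"), str) or int(claims.get("exp", 0)) <= now:
        return None
    return claims["sub"]


def handle_settings(cookies: dict, body: dict, verify, now: Optional[int] = None) -> Tuple[int, dict]:
    """Minimal stand-in for a /api/settings write: 401 unless an identity is established."""
    user = verify(cookies, now=now)
    if user is None:
        return 401, {"error": "unauthenticated"}
    return 200, {"user": user, "settings": body}


if __name__ == "__main__":
    now = int(time.time())
    forged = {COOKIE_NAME: forge_cookie("victim", now)}
    print("vulnerable:", handle_settings(forged, {"theme": "dark"}, verify_identity_vulnerable, now))
    print("hardened:  ", handle_settings(forged, {"theme": "dark"}, verify_identity_hardened, now))
```

The hardened check recomputes the tag over the raw bytes it actually decoded (not over a re-serialised copy), compares with hmac.compare_digest, and rejects a missing cookie, a malformed cookie and an expired one with the same "no identity" result, so the handler has exactly one path to a 200.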

Impact and attack scenarios

An attacker exploiting this vulnerability bypasses authentication and reaches the /api/settings endpoint directly. From there they can modify user settings, potentially taking control of user accounts or altering the webmail client's configuration. This affects the confidentiality and integrity of user data and the overall security of the Stalwart Mail Server environment. The vulnerability does not lead directly to remote code execution, but the ability to modify user settings can be leveraged for further malicious activity, such as phishing or account takeover.

Exploitation background

This vulnerability was publicly disclosed on 2026-04-02. No public proof-of-concept exploit is known, and the vulnerability is not listed in the CISA KEV catalog at the time of writing. Given that it is an authentication bypass reachable without credentials, it is plausible that threat actors will attempt to exploit it, particularly when targeting Stalwart Mail Server deployments.

Who is at risk

Organizations running Stalwart Mail Server with Bulwark Webmail versions prior to 1.4.10 are at risk, particularly those whose webmail instance is exposed to the internet or that lack network segmentation in front of it. Shared hosting environments where multiple users share one Bulwark Webmail instance are at increased risk, since a single bypass reaches every account on that instance.

Attack timeline

  1. Disclosure

Threat intelligence

Exploitation status

Proof of concept: unknown
CISA KEV: no
Reports: 1 threat report

EPSS

0.09% (26th percentile)

CISA SSVC

Exploitation: none
Automatable: yes
Technical impact: partial

Affected software

Component: webmail
Vendor: bulwarkmail
Affected range: < 1.4.10
Fixed version: 1.4.11

Weakness classification (CWE)

Timeline

  1. Reserved
  2. Published
  3. Modified
  4. EPSS updated

Mitigations and workarounds

The primary mitigation for CVE-2026-34834 is to upgrade Bulwark Webmail to version 1.4.10 or later immediately. If upgrading is not immediately feasible, apply temporary workarounds such as restricting access to the /api/settings endpoint to trusted IP addresses (for example at the reverse proxy in front of the webmail) or enforcing stricter authentication in front of the application. Review web server access logs for suspicious activity against the /api/settings endpoint. After upgrading, confirm the fix by requesting the /api/settings endpoint without a valid authentication cookie; the request must be rejected.
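Two of the steps above (reviewing access logs for /api/settings activity, and confirming after the upgrade that a cookie-less request is rejected) can be scripted. The following is an added example, not tooling shipped with Bulwark or Stalwart. It assumes a combined-format access log, treats 10.0.0.0/8 and 192.168.0.0/16 as the trusted ranges (adjust to your environment), and the sample log lines are constructed. Plain access logs do not record whether a session cookie was present, so the triage is a heuristic: it surfaces successful /api/settings requests from outside the trusted ranges, which are the ones to look at first on a vulnerable instance.

```python
import re
import urllib.error
import urllib.request
from ipaddress import ip_address, ip_network
from typing import Dict, Iterable, List, Tuple

SETTINGS_PATH = "/api/settings"
# Assumed trusted source ranges; replace with the real ones for your deployment.
TRUSTED_NETS = [ip_network("10.0.0.0/8"), ip_network("192.168.0.0/16")]

# Combined log format: ip ident user [time] "METHOD path HTTP/x" status size "referer" "ua"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)


def triage_settings_requests(lines: Iterable[str], trusted_nets=TRUSTED_NETS) -> List[Dict]:
    """Return successful (< 400) requests to /api/settings from sources outside trusted_nets."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m or not m["path"].startswith(SETTINGS_PATH):
            continue
        status = int(m["status"])
        if status >= 400:
            continue  # the server rejected it; nothing was modified
        try:
            src = ip_address(m["ip"])
        except ValueError:
            continue  # hostname or garbage in the address field
        if any(src in net for net in trusted_nets):
            continue
        hits.append({"ip": m["ip"], "time": m["time"], "method": m["method"],
                     "path": m["path"], "status": status})
    return hits


def is_rejected(status: int) -> bool:
    """A cookie-less request to /api/settings should come back 401 or 403 once patched."""
    return status in (401, 403)


def check_unauthenticated_access(base_url: str, timeout: float = 10.0) -> Tuple[int, bool]:
    """Send a GET to /api/settings with no Cookie header; return (status, rejected).
    Network call: run this against your own instance after upgrading."""
    req = urllib.request.Request(
        base_url.rstrip("/") + SETTINGS_PATH,
        headers={"User-Agent": "cve-2026-34834-postupgrade-check"},
    )
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return resp.status, is_rejected(resp.status)
    except urllib.error.HTTPError as err:
        return err.code, is_rejected(err.code)


# Constructed sample lines (not real traffic), one suspicious hit among them.
SAMPLE_LOG = [
    '198.51.100.7 - - [03/Apr/2026:10:15:01 +0000] "POST /api/settings HTTP/1.1" 200 512 "-" "curl/8.5.0"',
    '10.1.2.3 - - [03/Apr/2026:10:16:40 +0000] "POST /api/settings HTTP/1.1" 200 512 "https://mail.example/" "Mozilla/5.0"',
    '198.51.100.7 - - [03/Apr/2026:10:17:09 +0000] "GET /api/settings HTTP/1.1" 401 48 "-" "curl/8.5.0"',
    '203.0.113.9 - - [03/Apr/2026:10:18:22 +0000] "GET /api/mailbox HTTP/1.1" 200 2048 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for hit in triage_settings_requests(SAMPLE_LOG):
        print("review:", hit)
    # Example post-upgrade check (uncomment with your own URL):
    # print(check_unauthenticated_access("https://mail.example"))
```

When reviewing real logs, feed the function the lines for the window since 2026-04-02 and pivot on the source addresses it returns; a 200 on a POST to /api/settings from an address that never authenticated elsewhere is the pattern to escalate.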

Remediation

Update Bulwark Webmail to version 1.4.10 or later. This release fixes the authentication bypass caused by missing cookie validation in the verifyIdentity() function.


Frequently asked questions

What is CVE-2026-34834 — Authentication Bypass in Bulwark Webmail?

CVE-2026-34834 is a vulnerability in Bulwark Webmail versions prior to 1.4.10 that allows attackers to bypass authentication and access user settings.

Am I affected by CVE-2026-34834 in Bulwark Webmail?

You are affected if you are running a Bulwark Webmail version earlier than 1.4.10. Upgrade to 1.4.10 or later to remove the risk.

How do I fix CVE-2026-34834 in Bulwark Webmail?

Upgrade Bulwark Webmail to version 1.4.10 or later. As a temporary workaround, restrict access to the /api/settings endpoint.

Is CVE-2026-34834 being actively exploited?

There are currently no confirmed reports of active exploitation, but an unauthenticated bypass of this kind is a likely target for exploitation.

Where can I find the official Bulwark Webmail advisory for CVE-2026-34834?

Refer to the Stalwart Mail Server security advisories for the official announcement and details regarding CVE-2026-34834.
