Clash of the (Spam)Titan
ID: 6aa3301f-b7b9-57fc-9b54-780c8d199050
STIX ID: report--6aa3301f-b7b9-57fc-9b54-780c8d199050
Feed Name: SensePost Blog
This report documents the discovery and coordinated disclosure of multiple critical vulnerabilities in the SpamTitan appliance (versions ≤7.07), notably an unauthenticated SNMP-based remote code execution (CVE-2020-11698) that can yield root, several authenticated RCEs and an arbitrary file read (CVE-2020-11699, CVE-2020-11700, CVE-2020-11803, CVE-2020-11804), and two console escape flaws affecting VMware tooling and backup import (CVE-2020-24045, CVE-2020-24046). The researcher provides technical analysis, PoCs (including automated exploits), and a disclosure timeline; SpamTitan released fixes in versions 7.08/7.09 and administrators are advised to upgrade immediately.
