Magento - Zend Framework 1 Security Vulnerability
This vulnerability is serious and can lead to a remote code execution attack if your server uses Sendmail as a mail transport agent. The attack is performed by providing additional quote characters within an address. When unsanitized, they can be interpreted as additional command line arguments to the system sendmail program, leading to the vulnerability.
Magento is currently working to provide patches to close this vulnerability. They also provide a quick solution to prevent your Shop from a possible attack, by checking your mail sending settings and disabling the "Set Return-Path".
System-> Configuration-> System-> Mail Sending Settings-> Set Return-Path
Stores-> Configuration-> Advanced-> System-> Mail Sending Settings-> Set Return-Path
If “Set Return-Path” is set to “Yes,” and your server uses Sendmail, then your store is vulnerable to this exploit. As the risk is very high it's strongly recommended to turn off the “Set Return-Path” setting (switch to “No”), regardless of the transport agent used.
Get mail return path settings for Magento 1 & Magento 2
n98-magerun.phar config:get --scope="default" --scope-id="0" system/smtp/set_return_path
Set mail return path settings for Magento 1 & Magento 2
n98-magerun.phar config:set --scope="default" --scope-id="0" system/smtp/set_return_path 0