Exim Remote Code Execution Vulnerability (CVS 2023-42115) Notification
outubro 10, 2023
Overview Recently, NSFOCUS CERT detected an Exim remote code execution vulnerability (CVE-2023-42115). When external authentication is enabled, due to improper user input verification, an unauthenticated attacker can remotely exploit this vulnerability by writing data beyond the bounds, ultimately executing arbitrary code on the target server. At present, the details of the vulnerability have been disclosed. […]
Exim Remote Code Execution Vulnerability (CVE-2020-28020) Threat Alert
agosto 30, 2021
Overview In May, Qualys publicly disclosed 21 security vulnerabilities in the Exim server, announcing that these vulnerabilities affected all Exim versions released after 2004 and most of them can be exploited in default configurations. Recently, NSFOCUS found that certain vulnerability details and PoCs were publicly available. Among the vulnerabilities, the most severe one is the […]
