Exim before 4.92.2 allows remote attackers to execute arbitrary code as root via a trailing backslash. If the Exim server accepts TLS connections, the vulnerability is exploitable by sending a SNI ending in a backslash-null sequence during the initial TLS handshake.
Recent assessments:
mkienow-r7 at September 09, 2019 2:13pm UTC reported:
Exim is run on approximately 57% of the publicly reachable mail servers on the Internet, based on an August 2019 study performed by E-Soft, Inc. 1
J3rryBl4nks at March 03, 2020 4:27pm UTC reported:
Exim is run on approximately 57% of the publicly reachable mail servers on the Internet, based on an August 2019 study performed by E-Soft, Inc. 1
Assessed Attacker Value: 5