Vulnerability identifier: #VU10442

Vulnerability risk: High

CVSSv3.1: 9.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H/RL:O/RC:C]

CVE-ID: CVE-2018-6789

CWE-ID: CWE-120

Exploitation vector: Network

Exploits in database: 4

• June 17, 2021
  • Exim < 4.90.1 - 'base64d' Remote Code Execution [Exploit-DB]
  • exim 4.90 - Remote Code Execution [Exploit-DB]
• March 18, 2020
  • Exim-CVE-2018-6789 (PoC materials to exploit CVE-2018-6789) [Github]
  • exim-rce-cve-2018-6789 (This repository provides a learning environment to understand how an Exim RCE exploit for CVE-2018-6789 works.) [Github]

Impact: Code execution

Vulnerable software:
Exim
Server applications / Mail servers

Vendor: Exim