THREATOPS
THREAT OPSCVEs › CVE-2020-7247

CVE-2020-7247 — OpenSMTPD Remote Code Execution Vulnerability

CISA KEVExploited: confirmedOpenBSD

smtp_mailaddr in smtp_session.c in OpenSMTPD, as used in OpenBSD and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session.

Vulnerability details