smtp_mailaddr in smtp_session.c in OpenSMTPD, as used in OpenBSD and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session.
PoC: cve-2020-7247-exploit
Python exploit of cve-2020-7247
PoC: CVE-2020-7247-exploit
OpenSMTPD 6.4.0 - 6.6.1 Remote Code Execution PoC exploit
PoC: CVE-2020-7247
Proof Of Concept Exploit for CVE-2020-7247 (Remote Execution on OpenSMTPD < 6.6.2
PoC: cve-2020-7247
OpenSMTPD version 6.6.2 remote code execution exploit
PoC: CVE-2020-7247
Initial POC for CVE-2020-7247
PoC: CVE-2020-7247
This vulnerability exists in OpenBSD’s mail server OpenSMTPD’s “smtp_mailaddr()” function, and affects OpenBSD version 6.6. This allows an attacker to execute arbitrary shell commands like “sleep 66” as root user
PoC: shai_hulud
Worm written in python, abuses CVE-2020-7247
PoC: CVE-2020-7247-POC
Proof of concept for CVE-2020-7247 for educational purposes.
PoC: CVE-2020-7247
PoC exploit for CVE-2020-7247 OpenSMTPD 6.4.0 < 6.6.1 Remote Code Execution
PoC: OpenSMTPD-6.6.1---Remote-Code-Execution---Linux-remote-Exploit
EDB-ID: 47984 CVE: 2020-7247 EDB Verified: Author: 1F98D Type: REMOTE Exploit: / Platform: LINUX Date: 2020-01-30 Vulnerable App: # Exploit Title: OpenSMTPD 6.6.1 - Remote Code Execution # Date: 2020-01-29 # Exploit Author: 1F98D # Original Author: Qualys Security Advisory # Vendor Homepage: https://www.opensmtpd.org/ # Software Link: https://github.com/OpenSMTPD/OpenSMTPD/releases/tag/6.6.1p1 # Version: OpenSMTPD < 6.6.2 # Tested on: Debian 9.11 (x64) # CVE: CVE-2020-7247 # References: # https:
PoC: CVE-2020-7247
This vulnerability exists in OpenBSD’s mail server OpenSMTPD’s “smtp_mailaddr()” function, and affects OpenBSD version 6.6. This allows an attacker to execute arbitrary shell commands like “sleep 66” as root user
Get alerted for CVEs like this
Register your stack and get notified within minutes when a matching CVE drops.
Start monitoring free