CVE-2020-28021

Name of the Vulnerable Software and Affected Versions Exim versions 4 through 4.94.1 Exim version 4.94.2 is not affected, so all versions prior to 4.94.2 are considered vulnerable.

Description The issue is related to insufficient input validation in the Exim message relay agent. This can be exploited by a remote attacker to bypass security restrictions. An authenticated remote SMTP client can insert newline characters into a spool file, which can indirectly lead to remote code execution as root via the AUTH= parameter in a MAIL FROM command. The MAIL FROM command is an API endpoint used in SMTP transactions.

Recommendations For Exim versions 4 through 4.94.1, update to version 4.94.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the AUTH= parameter in the MAIL FROM command to minimize the risk of exploitation.