Cybersecurity Alerts

Actively Exploited Vulnerabilities

← Back to Cybersecurity Alerts

CVE-2020-7247

OpenBSD | OpenSMTPDAdded 2022-03-25Remediation Deadline 2022-04-15

OpenSMTPD Remote Code Execution Vulnerability

smtp_mailaddr in smtp_session.c in OpenSMTPD, as used in OpenBSD and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session.

Required Action

Apply updates per vendor instructions.

Weakness Classification

CWE-755

CWE-78

References