← CVECheck
HomeVulnerabilities

CVE-2001-0889 — HIGH severity vulnerability (Exim 3.22 and earlier, in some configurations, does not prop)

Exim 3.22 and earlier, in some configurations, does not properly verify the local part of an address when redirecting the address to a pipe, which could allow remote attackers to execute arbitrary commands via shell metacharacters.

CVE IDCVE-2001-0889
SeverityHIGH
CVSS score7.5
CVSS vectorAV:N/AC:L/Au:N/C:P/I:P/A:P
CWENVD-CWE-Other
StatusModified
Published2001-12-19
Last modified2026-04-16
DescriptionExim 3.22 and earlier, in some configurations, does not properly verify the local part of an address when redirecting the address to a pipe, which could allow remote attackers to execute arbitrary commands via shell metacharacters.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →