← ExploitWatch
HomeExploited Vulnerabilities

CVE-2020-7247 — Actively Exploited: OpenSMTPD (OpenBSD)

smtp_mailaddr in smtp_session.c in OpenSMTPD, as used in OpenBSD and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session.

CVE IDCVE-2020-7247
VendorOpenBSD
ProductOpenSMTPD
Vulnerability nameOpenSMTPD Remote Code Execution Vulnerability
Date added2022-03-25
Remediation due2022-04-15
Known ransomware useUnknown
Required actionApply updates per vendor instructions.
Descriptionsmtp_mailaddr in smtp_session.c in OpenSMTPD, as used in OpenBSD and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →