OpenBSD (OpenSMTPD)

2022-03-25 · Severity 5/10 — Medium · Unknown

Incident Summary

smtp_mailaddr in smtp_session.c in OpenSMTPD, as used in OpenBSD and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session.