CVE-2019-10149

CVE Database · CVE-2019-10149

CVE-2019-10149

· CRITICALAnalyzed

CVSS v3.1

9.8

EPSS

99.96%

Published

Jun 5, 2019

Modified

Nov 6, 2025

CISA Known Exploited Vulnerability

Added: 2022-01-10 · Due: 2022-07-10

Apply updates per vendor instructions.

Public PoC / Exploit (12)

All weaponized →

Exploit-DBExim 4.87 - 4.91 - Local Privilege Escalation Exploit-DBExim 4.87 / 4.91 - Local Privilege Escalation (Metasploit)Exploit-DBExim 4.87 < 4.91 - (Local / Remote) Command Execution TrickestTrickest PoC index GitHub PoCbananaphones/exim-rce-quickfix★22 GitHub PoCDiefunction/CVE-2019-10149★19 GitHub PoCcowbe0x004/eximrce-CVE-2019-10149★14 GitHub PoCMNEMO-CERT/PoC--CVE-2019-10149_Exim★14 GitHub PoCAzizMea/CVE-2019-10149-privilege-escalation★9 GitHub PoCdarsigovrustam/CVE-2019-10149★5 GitHub PoCChris-dev1/exim.exp★4 GitHub PoCBrets0150/StickyExim★3

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-78CWE-78

Affected Products (4)

exim · eximvulnerable

canonical · ubuntu_linuxvulnerable

debian · debian_linuxvulnerable

References (20)

http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00020.html

Mailing ListThird Party Advisory

http://packetstormsecurity.com/files/153218/Exim-4.9.1-Remote-Command-Execution.html

ExploitThird Party AdvisoryVDB Entry

http://packetstormsecurity.com/files/153312/Exim-4.91-Local-Privilege-Escalation.html

ExploitThird Party AdvisoryVDB Entry

http://packetstormsecurity.com/files/154198/Exim-4.91-Local-Privilege-Escalation.html

ExploitThird Party AdvisoryVDB Entry

KEV Catalog EPSS Scores Vendors All CVEs