Entreprise d'experts en Sécurité Informatique : Audits et conseils en cybersécurité
Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com


CVE-2019-10149

Description

A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.

POC

Reference

- http://packetstormsecurity.com/files/153218/Exim-4.9.1-Remote-Command-Execution.html

- http://packetstormsecurity.com/files/153312/Exim-4.91-Local-Privilege-Escalation.html

- http://packetstormsecurity.com/files/154198/Exim-4.91-Local-Privilege-Escalation.html

- http://seclists.org/fulldisclosure/2019/Jun/16

- http://www.openwall.com/lists/oss-security/2021/05/04/7

Github

- https://github.com/0xT11/CVE-POC

- https://github.com/0xdea/exploits

- https://github.com/20142995/nuclei-templates

- https://github.com/ARPSyndicate/cvemon

- https://github.com/AzizMea/CVE-2019-10149-privilege-escalation

- https://github.com/Brets0150/StickyExim

- https://github.com/Chris-dev1/exim.exp

- https://github.com/CodingChatRoom/Advance-Reconnaissance-

- https://github.com/Diefunction/CVE-2019-10149

- https://github.com/Dilshan-Eranda/CVE-2019-10149

- https://github.com/MNEMO-CERT/PoC--CVE-2019-10149_Exim

- https://github.com/Ostorlab/KEV

- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors

- https://github.com/Stick-U235/CVE-2019-10149-Exploit

- https://github.com/VoyagerOnne/Exim-CVE-2019-10149

- https://github.com/aishee/CVE-2019-10149-quick

- https://github.com/alphaSeclab/sec-daily-2020

- https://github.com/anquanscan/sec-tools

- https://github.com/area1/exim-cve-2019-10149-data

- https://github.com/bananaphones/exim-rce-quickfix

- https://github.com/cloudflare/exim-cve-2019-10149-data

- https://github.com/cowbe0x004/eximrce-CVE-2019-10149

- https://github.com/cyb3r-w0lf/nuclei-template-collection

- https://github.com/darsigovrustam/CVE-2019-10149

- https://github.com/developer3000S/PoC-in-GitHub

- https://github.com/dhn/exploits

- https://github.com/hackerhouse-opensource/exploits

- https://github.com/hectorgie/PoC-in-GitHub

- https://github.com/hyim0810/CVE-2019-10149

- https://github.com/krlabs/eximsmtp-vulnerabilities

- https://github.com/n0-traces/cve_monitor

- https://github.com/plzheheplztrying/cve_monitor

- https://github.com/qlusec/CVE-2019-10149

- https://github.com/rahmadsandy/EXIM-4.87-CVE-2019-10149

- https://github.com/uyerr/PoC_CVE-2019-10149--rce

- https://github.com/x418x/libaz

- https://github.com/xasyhack/oscp2025

- https://github.com/xasyhack/oscp_cheat_sheet_2025