Exim Mail Transfer Vulnerability Let Attackers Inject Malicious SQL Queries

The flaw enables authenticated attackers to execute arbitrary SQL commands through specially crafted ETRN SMTP transactions when specific configuration conditions exist. This injection pattern could compromise SQLite databases containing delivery hints, sender verify records, and TLS session cache data. As of patch deployment, no active exploits have been observed in the wild, but the relative ease of exploitation suggests rapid weaponization is likely. Exim maintainers have released patched versions through standard update channels. All organizations using Exim for mail routing should prioritize this update, particularly those handling sensitive communications or operating in regulated industries.

Cyber Security News is a dedicated news platform for cyber news, cyber attack news, hacking news and vulnerability analysis. Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

This Cyber News was published on cybersecuritynews.com. Publication date: Mon, 24 Feb 2025 07:45:21 +0000


Cyber News related to Exim Mail Transfer Vulnerability Let Attackers Inject Malicious SQL Queries

Hackers target new MOVEit Transfer critical auth bypass bug - Threat actors are already trying to exploit a critical authentication bypass flaw in Progress MOVEit Transfer, less than a day after the vendor disclosed it. MOVEit Transfer is a managed file transfer solution used in enterprise environments to ...
7 months ago Bleepingcomputer.com
Data Diodes: One-Way Information Transfer - A flash drive used to deliver data to an isolated network segment could unintentionally become a vessel for confidential information to leave the company. For about a decade, there has been a much more elegant and technologically advanced solution ...
1 year ago Feeds.dzone.com
MOVEit Transfer Flaws Push Security Defense Into a Race With Attackers - Attackers appear to be pounding away at a couple of critical bugs that Progress Software disclosed this week in its MOVEit file transfer application, with nearly the same ferocity as they did the zero-day flaw the company disclosed almost exactly a ...
7 months ago Darkreading.com
SQL Injection Vulnerability Patched in Tutor LMS WordPress Plugin - On February 15th, 2024, during our second Bug Bounty Extravaganza, we received a submission for an authenticated SQL Injection vulnerability in Tutor LMS, a WordPress plugin with more than 80,000+ active installations. Props to Muhammad Hassham ...
11 months ago Wordfence.com
CVE-2022-22774 - The DOM XML parser and SAX XML parser components of TIBCO Software Inc.'s TIBCO Managed File Transfer Command Center, TIBCO Managed File Transfer Command Center, TIBCO Managed File Transfer Internet Server, and TIBCO Managed File Transfer ...
2 years ago
CVE-2021-47229 - In the Linux kernel, the following vulnerability has been resolved: PCI: aardvark: Fix kernel panic during PIO transfer Trying to start a new PIO transfer by writing value 0 in PIO_START register when previous transfer has not yet completed (which is ...
9 months ago Tenable.com
CVE-2021-44549 - Apache Sling Commons Messaging Mail provides a simple layer on top of JavaMail/Jakarta Mail for OSGi to send mails via SMTPS. To reduce the risk of "man in the middle" attacks additional server identity checks must be performed when accessing ...
3 years ago
MoveIt Transfer vulnerability targeted amid disclosure drama - Another vulnerability in Progress Software's MoveIt Transfer product is under attack amid an apparent leak of flaw. In security alerts published on Tuesday, Progress detailed two critical improper authentication vulnerabilities, one tracked as ...
7 months ago Techtarget.com
CVE-2023-51766 - Exim before 4.97.1 allows SMTP smuggling in certain PIPELINING/CHUNKING configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection ...
1 year ago
CVE-2024-26827 - In the Linux kernel, the following vulnerability has been resolved: i2c: qcom-geni: Correct I2C TRE sequence For i2c read operation in GSI mode, we are getting timeout due to malformed TRE basically incorrect TRE sequence in ...
10 months ago Tenable.com
Group behind LockBit ransomware claims responsibility for cyberattack on Royal Mail - The LockBit ransomware group has been linked to a cyberattack on the UK's leading mail delivery service, Royal Mail, which has caused severe disruption to their international shipping services. LockBitSupport, the ransomware gang's public-facing ...
2 years ago Bleepingcomputer.com
CVE-2023-30552 - Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases. Affected versions are subject to SQL injection in the `sql/instance.py` ...
1 year ago
CVE-2023-30557 - Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases. Affected versions are subject to SQL injection in the `data_dictionary.py` ...
1 year ago
Hackers use DNS tunneling for network scanning, tracking victims - Threat actors are using Domain Name System tunneling to track when their targets open phishing emails and click on malicious links, and to scan networks for potential vulnerabilities. DNS tunneling is the encoding of data or commands that are sent ...
9 months ago Bleepingcomputer.com
CISA, FBI, EAC and USPIS Release Election Mail Handling Procedures to Protect Against Hazardous Materials - This resource helps officials understand safe mail handling procedures and provides guidance on responding to potential hazardous materials exposure. Over the past two decades, U.S. government offices and employees have been the target of multiple ...
1 year ago Cisa.gov
CVE-2018-2728 - Vulnerability in the Oracle Financial Services Funds Transfer Pricing component of Oracle Financial Services Applications (subcomponent: User Interface). Supported versions that are affected are 6.1.x and 8.0.x. Easily exploitable vulnerability ...
5 years ago
Progress Discloses Two New Vulnerabilities in MOVEit Products - Progress Software has disclosed two fresh vulnerabilities in its MOVEit file transfer products. The first is an authentication bypass affecting the MOVEit Transfer SFTP service in a default configuration. It affects the Secure File Transfer Protocol ...
7 months ago Infosecurity-magazine.com
CVE-2020-9414 - The MFT admin service component of TIBCO Software Inc.'s TIBCO Managed File Transfer Command Center and TIBCO Managed File Transfer Internet Server contains a vulnerability that theoretically allows an authenticated user with specific permissions ...
4 years ago
CVE-2020-9413 - The MFT Browser file transfer client and MFT Browser admin client components of TIBCO Software Inc.'s TIBCO Managed File Transfer Command Center and TIBCO Managed File Transfer Internet Server contain a vulnerability that theoretically allows an ...
4 years ago
CVE-2021-21299 - hyper is an open-source HTTP library for Rust (crates.io). In hyper from version 0.12.0 and before versions 0.13.10 and 0.14.3 there is a vulnerability that can enable a request smuggling attack. The HTTP server code had a flaw that incorrectly ...
4 years ago
CVE-2007-1926 - Cross-site scripting (XSS) vulnerability in JBMC Software DirectAdmin before 1.293 does not properly display log files, which allows remote authenticated users to inject arbitrary web script or HTML via (1) http or (2) ftp requests logged in ...
6 years ago
What is SEO Poisoning Attack? - Search engine optimization (SEO) poisoning is a type of cyber attack that infiltrates search results. It consists of malicious search engine results created by an attacker attempting to redirect someone to malicious or vulnerable webpages. It is a ...
2 years ago Heimdalsecurity.com
10 of the biggest zero-day attacks of 2023 - Here are 10 of the biggest zero-day attacks of 2023 in chronological order. Zero-day attacks started strong in 2023 with CVE-2023-0669, a pre-authentication command injection vulnerability in Fortra's GoAnywhere managed file transfer product. ...
1 year ago Techtarget.com
CVE-2020-8015 - A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of exim in openSUSE Factory allows local attackers to escalate from user mail to root. This issue affects: openSUSE Factory exim versions prior to 4.93.0.4-3.1. ...
4 years ago