How severe is CVE-2023-42117?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.1 out of 10.

What type of vulnerability is CVE-2023-42117?

This is classified as CWE-138, which is a common weakness in software security.

CVE-2023-42117 - HIGH Severity | CVSS 8.1

Vulnerability Description

Exim Improper Neutralization of Special Elements Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Exim. Authentication is not required to exploit this vulnerability. The specific flaw exists within the smtp service, which listens on TCP port 25 by default. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-17554.

Related Vulnerabilities

CVE-2022-2429

HIGH

CVSS:8.0(High)

The Ultimate SMS Notifications for WooCommerce plugin for WordPress is vulnerable to CSV Injection in versions up to, and including, 1.4.1 via the 'Export Utility' functionality. This makes it possibl...

CWE-1382022

CVE-2024-38133

HIGH

CVSS:7.8(High)

Windows Kernel Elevation of Privilege Vulnerability

CWE-1382024

CVE-2016-0750

HIGH

CVSS:8.8(High)

The hotrod java client in infinispan before 9.1.0.Final automatically deserializes bytearray message contents in certain events. A malicious user could exploit this flaw by injecting a specially-craft...

CWE-1382016

CVE-2022-0024

HIGH

CVSS:7.2(High)

A vulnerability exists in Palo Alto Networks PAN-OS software that enables an authenticated network-based PAN-OS administrator to upload a specifically created configuration that disrupts system proces...

CWE-1382022

CVE-2016-0750

HIGH

CVSS:8.8(High)

CWE-1382016

CVE-2022-2429

HIGH

CVSS:8.0(High)

CWE-1382022