Millions of Email Servers Exposed to Hacking Due to New 21Nails Exim Bugs

Millions of Email Servers Exposed to Hacking Due to New 21Nails Exim Bugs

The maintainers of Exim have released patches to remediate as many as 21 security vulnerabilities in its software that could enable unauthenticated attackers to achieve complete remote code execution and gain root privileges.


Collectively named '21Nails,' the flaws include 11 vulnerabilities that require local access to the server and 10 other weaknesses that could be exploited remotely. The issues were discovered by Qualys and reported to Exim on Oct. 20, 2020.


"Some of the vulnerabilities can be chained together to obtain a full remote unauthenticated code execution and gain root privileges on the Exim Server," Bharat Jogi, senior manager at Qualys, said in public disclosure. "Most of the vulnerabilities discovered by the Qualys Research Team for e.g. CVE-2020-28017 affects all versions of Exim going back all the way to 2004."





Exim is a popular mail transfer agent (MTA) used on Unix-like operating systems, with over 60% of the publicly reachable mail servers on the Internet running the software. A Shodan search reveals nearly four million Exim servers that are exposed online.

A quick summary of the 21 bugs is listed below. If successfully exploited, they could be used to tweak email settings and even add new accounts ..

Support the originator by clicking the read the rest link below.