CVE-2025-26794
HIGHExim 4.98 - Remote SQL Injection via SQLite Hints and ETRN Serialization
Title source: llmExploitation Summary
EIP tracks 3 public exploits for CVE-2025-26794. PoCs published by OscarBataille, XploitGh0st, ishwardeepp.
AI-analyzed exploit summary This repository contains a working proof-of-concept for CVE-2025-26794, a blind SQL injection vulnerability in Exim 4.98 when using SQLite as the DBM. The exploit leverages the ETRN command to inject arbitrary SQLite queries, demonstrated via a time-based payload.
Description
Exim 4.98 before 4.98.1, when SQLite hints and ETRN serialization are used, allows remote SQL injection. (Resolving SQL injection requires an update to 4.99.1 in certain non-default rate-limit configurations.)
Exploits (3)
This repository contains a working proof-of-concept for CVE-2025-26794, a blind SQL injection vulnerability in Exim 4.98 when using SQLite as the DBM. The exploit leverages the ETRN command to inject arbitrary SQLite queries, demonstrated via a time-based payload.
This repository contains a functional Python-based exploit for CVE-2025-26794, demonstrating SQL injection in Exim 4.98 via the ETRN command when using SQLite DBM storage. The exploit includes time-based blind SQL injection techniques for data extraction and automated database enumeration.
The repository contains Docker setup scripts for Exim but lacks actual exploit code for CVE-2025-26794. The commented SQLi payload in start-exim.sh suggests an SQL injection vulnerability but is not functional.
References (11)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H