This Metasploit module exploits a flaw in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to command execution with root privileges.
7b1fe00dfa2c9cc882752b38e5a6e0f2df1617a466c97478e2257a3f314a59fd