For privacy obviously I wont share the site name, but the site is vulnerable explained in the following cve:
Seems like the attack is basically executed by a hacker listening to a victims email, and then when they recieve that victims packet they can manipulate it to execute remote commands like: RCPT TO:[email protected]
or maybe other more malicious requests? am i understanding that right?
which would mean in order to get the attack to work i would need to have a user from that site in a mitm attack of sorts and wait for them to request a email or send an email?