cPanel prior to 88.0.3 mishandles the Exim filter path, leading to remote code execution (SEC-485).
cpanel cpanel