Home

Description

Successful exploitation of the vulnerability could allow an unauthenticated attacker to upload arbitrary files to any location on the mail server, potentially enabling remote code execution.

PUBLISHED Reserved 2025-06-19 | Published 2025-12-29 | Updated 2025-12-29 | Assigner CSA




CRITICAL: 10.0CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Product status

Default status
unknown

SmarterMail versions Build 9406 and earlier
affected

Credits

Chua Meng Han finder

References

www.csa.gov.sg/alerts-and-advisories/alerts/al-2025-124/

cve.org (CVE-2025-52691)

nvd.nist.gov (CVE-2025-52691)

Download JSON

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.