#smartermail

[ follow ]
#remote-code-execution #authentication-bypass #privilege-escalation #cve-2025-52691 #arbitrary-file-upload
Information security
fromThe Hacker News
4 days ago

SmarterMail Auth Bypass Exploited in the Wild Two Days After Patch Release

An authentication bypass in SmarterMail allows unauthenticated users to reset any system administrator password via /api/v1/auth/force-reset-password, enabling potential full system compromise.
Information security
fromThe Hacker News
3 weeks ago

CSA Issues Alert on Critical SmarterMail Bug Allowing Remote Code Execution

Critical unauthenticated arbitrary-file-upload in SmarterMail (CVE-2025-52691) enables remote code execution; update to Build 9413 or later (Build 9483 recommended).
[ Load more ]