CVE-2025-52691

Summary

Successful exploitation of the vulnerability could allow an unauthenticated attacker to upload arbitrary files to any location on the mail server, potentially enabling remote code execution.

Affected Software

VendorProductVersion RangeStatus
SmarterToolsSmarterMailSmarterMail versions Build 9406 and earlieraffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: active
    • Automatable: yes
    • Technical Impact: total

Additional References

References