CVE-2026-3725

Summary

A flaw has been found in 1024-lab/lab1024 SmartAdmin up to 3.29. Affected by this issue is the function freemarkerResolverContent of the file sa-base/src/main/java/net/lab1024/sa/base/module/support/mail/MailService.java of the component FreeMarker Template Handler. Executing a manipulation of the argument template_content can lead to improper neutralization of special elements used in a template engine. The attack can be launched remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Affected Software

VendorProductVersion RangeStatus
1024-labSmartAdmin3.0affected
1024-labSmartAdmin3.1affected
1024-labSmartAdmin3.2affected
1024-labSmartAdmin3.3affected
1024-labSmartAdmin3.4affected
1024-labSmartAdmin3.5affected
1024-labSmartAdmin3.6affected
1024-labSmartAdmin3.7affected
1024-labSmartAdmin3.8affected
1024-labSmartAdmin3.9affected
1024-labSmartAdmin3.10affected
1024-labSmartAdmin3.11affected
1024-labSmartAdmin3.12affected
1024-labSmartAdmin3.13affected
1024-labSmartAdmin3.14affected
1024-labSmartAdmin3.15affected
1024-labSmartAdmin3.16affected
1024-labSmartAdmin3.17affected
1024-labSmartAdmin3.18affected
1024-labSmartAdmin3.19affected
1024-labSmartAdmin3.20affected
1024-labSmartAdmin3.21affected
1024-labSmartAdmin3.22affected
1024-labSmartAdmin3.23affected
1024-labSmartAdmin3.24affected
1024-labSmartAdmin3.25affected
1024-labSmartAdmin3.26affected
1024-labSmartAdmin3.27affected
1024-labSmartAdmin3.28affected
1024-labSmartAdmin3.29affected
lab1024SmartAdmin3.0affected
lab1024SmartAdmin3.1affected
lab1024SmartAdmin3.2affected
lab1024SmartAdmin3.3affected
lab1024SmartAdmin3.4affected
lab1024SmartAdmin3.5affected
lab1024SmartAdmin3.6affected
lab1024SmartAdmin3.7affected
lab1024SmartAdmin3.8affected
lab1024SmartAdmin3.9affected
lab1024SmartAdmin3.10affected
lab1024SmartAdmin3.11affected
lab1024SmartAdmin3.12affected
lab1024SmartAdmin3.13affected
lab1024SmartAdmin3.14affected
lab1024SmartAdmin3.15affected
lab1024SmartAdmin3.16affected
lab1024SmartAdmin3.17affected
lab1024SmartAdmin3.18affected
lab1024SmartAdmin3.19affected
lab1024SmartAdmin3.20affected
lab1024SmartAdmin3.21affected
lab1024SmartAdmin3.22affected
lab1024SmartAdmin3.23affected
lab1024SmartAdmin3.24affected
lab1024SmartAdmin3.25affected
lab1024SmartAdmin3.26affected
lab1024SmartAdmin3.27affected
lab1024SmartAdmin3.28affected
lab1024SmartAdmin3.29affected

Weaknesses

  • CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine
  • CWE-791: Incomplete Filtering of Special Elements

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: partial

References