Summary
SmarterTools released a critical update for SmarterMail to fix CVE-2025-52691 that allows unauthenticated remote code execution. Attackers can exploit this flaw to upload malicious files and gain full control over email servers.
Take Action:
If you are using SmarterMail update ASAP. There is a trivial flaw to upload files and take over your system. You can't hide this behind a firewall, it's designed to be exposed to the internet. After patching, check your server logs for any new or strange files that appeared before you patched.
Read the full article on BeyondMachines
This article was originally published on BeyondMachines
Top comments (0)