Dario Weiss

**Name of the Vulnerable Software and Affected Versions** SEPPmail Secure Email Gateway versions prior to 15.0.4 **Description** The new GINA UI fails to enforce authorization checks for multiple endpoints. This allows unauthenticated remote attackers to access functionality that should require a valid session. **Recommendations** Update to version 15.0.4 or later.

**Name of the Vulnerable Software and Affected Versions** SEPPmail Secure Email Gateway versions prior to 15.0.4 **Description** An unauthenticated path traversal issue exists in the '/api.app/attachment/preview' endpoint. This allows remote attackers to read arbitrary local files and trigger the deletion of files within the targeted directory using the privileges of the `api.app` process via the `identifier` parameter. **Recommendations** Update to version 15.0.4 or later. As a temporary workaround, restrict access to the '/api.app/attachment/preview' endpoint or avoid using the `identifier` parameter until the update is applied.

**Name of the Vulnerable Software and Affected Versions** SEPPmail Secure Email Gateway versions prior to 15.0.2.1 **Description** The new GINA UI allows unauthenticated remote code execution. This occurs because an endpoint passes attacker-controlled input from a parameter to the Perl `eval()` function, which executes arbitrary code. **Recommendations** Update to version 15.0.2.1.

**Name of the Vulnerable Software and Affected Versions** SEPPmail Secure Email Gateway versions prior to 15.0.4 **Description** The new GINA UI contains a server-side template injection (SSTI)—a flaw where an application embeds user input into a server-side template without proper validation—because an endpoint accepts attacker-controlled templates. This allows remote attackers to execute arbitrary template expressions, which may lead to remote code execution depending on the enabled template plugins. **Recommendations** Update to version 15.0.4 or later.

**Name of the Vulnerable Software and Affected Versions** SEPPmail Secure Email Gateway versions prior to 15.0.4 **Description** An unauthenticated endpoint in the new GINA UI exposes server environment variables, which allows remote attackers to obtain sensitive system information. **Recommendations** Update to version 15.0.4 or later.

**Name of the Vulnerable Software and Affected Versions** SEPPmail Secure Email Gateway versions prior to 15.0.4 **Description** Insecure deserialization of untrusted data occurs within the new GINA UI. This flaw allows unauthenticated remote attackers to execute arbitrary code by sending a specially crafted serialized object. **Recommendations** Update to version 15.0.4 or later.