PT-2025-53686 · Smartertools · Smartermail

Chua Meng Han · Published 2025-12-29 · Updated 2026-01-22 · CVE-2025-52691

CVSS v3.1: 10
Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: SmarterMail versions prior to Build 9413; SmarterMail versions 9406 and earlier.
Description: A critical vulnerability exists in SmarterMail that allows unauthenticated attackers to upload arbitrary files to any location on the mail server, potentially enabling remote code execution. This flaw, tracked as CVE-2025-52691, has a CVSS score of 10.0, indicating maximum severity. Exploitation of this vulnerability could lead to full server compromise, data theft, and ransomware attacks. Approximately 8,000 internet-exposed SmarterMail servers were reported as vulnerable as of January 12, 2026, and a public Proof-of-Concept (PoC) exploit is available. The /api/upload endpoint is particularly vulnerable, with the guid parameter within contextData susceptible to path traversal attacks. The Singapore Cyber Security Agency (CSA) has issued an alert regarding this vulnerability.
Recommendations: Upgrade SmarterMail to Build 9413 or later. For SmarterMail versions 9406 and earlier, apply the security update immediately. Review server logs for suspicious file uploads or unexpected files in web-accessible paths.
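As an added illustration of the weakness class described above (this is constructed example code, not SmarterMail's implementation, which is not shown on this page), the contrast between a handler that joins a client-supplied guid straight into an upload path and a hardened version that accepts only a canonical GUID and checks that the resolved path stays under the upload root. The upload root directory and the helper names are assumptions.

```python
import os
import re

# Assumed layout for illustration: uploads are stored under one root
# directory keyed by the client-supplied guid. Not SmarterMail's layout.
UPLOAD_ROOT = "/var/smartermail/uploads"

# Canonical GUID only (8-4-4-4-12 hex digits). Any separator, "..",
# or absolute path fails this check before a filesystem path is built.
GUID_RE = re.compile(r"^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$")


def naive_upload_path(guid: str, filename: str) -> str:
    """Vulnerable pattern: the guid from the request goes straight into the path."""
    return os.path.normpath(os.path.join(UPLOAD_ROOT, guid, filename))


def is_valid_guid(guid: str) -> bool:
    """True only for a canonical GUID string."""
    return GUID_RE.match(guid) is not None


def escapes_root(path: str) -> bool:
    """True if the resolved path lies outside UPLOAD_ROOT; also usable when
    reviewing where uploaded files actually landed."""
    root = os.path.realpath(UPLOAD_ROOT)
    return os.path.commonpath([root, os.path.realpath(path)]) != root


def safe_upload_path(guid: str, filename: str) -> str:
    """Hardened pattern: validate both inputs, then verify containment."""
    if not is_valid_guid(guid):
        raise ValueError("guid is not a canonical GUID")
    if not filename or filename in (".", "..") or "/" in filename or "\\" in filename:
        raise ValueError("filename must be a bare file name")
    target = os.path.join(UPLOAD_ROOT, guid, filename)
    if escapes_root(target):
        raise ValueError("resolved path escapes the upload root")
    return os.path.realpath(target)


def upload_allowed(guid: str, filename: str) -> bool:
    """Convenience wrapper: True if the hardened check accepts the request."""
    try:
        safe_upload_path(guid, filename)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    traversal = "../../../tmp"  # constructed traversal value for the demo
    print(naive_upload_path(traversal, "note.txt"))  # /tmp/note.txt
    print(upload_allowed(traversal, "note.txt"))     # False
```

Running the block shows the naive join leaving the upload root entirely, while the hardened path rejects the same input at the GUID check.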

Exploit

Fix

RCE

Unrestricted File Upload

Weakness Enumeration

Related Identifiers: CVE-2025-52691

Affected Products: Smartermail