PT-2025-53686 · Smartertools · Smartermail

Chua Meng Han · Published 2025-12-29 · Updated 2026-03-04 · CVE-2025-52691

CVSS v3.1: 10
Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
SmarterTools SmarterMail versions prior to Build 9413
SmarterTools SmarterMail version 9406
SmarterTools SmarterMail versions prior to Build 9406
SmarterTools SmarterMail versions prior to 9518

Description
SmarterTools SmarterMail is affected by a critical vulnerability (CVE-2025-52691) that allows unauthenticated attackers to upload arbitrary files to any location on the mail server. Successful exploitation could lead to remote code execution (RCE), potentially enabling full server compromise, data theft, and ransomware attacks. The vulnerability is a flaw in the /api/upload endpoint, where the guid parameter within contextData is not sanitized and allows path traversal, so the supplied value controls where the uploaded file is written. Over 8,000 internet-exposed SmarterMail servers were reported as vulnerable as of January 12, 2026, and public proof-of-concept (PoC) exploits are available. Threat actors are actively scanning for vulnerable instances and compiling target lists. The Singapore Cyber Security Agency (CSA) has issued a high-severity alert regarding this vulnerability.
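The check a defender would want here, added as an illustration rather than code from the advisory or from SmarterTools: reject any contextData guid that is not a plain UUID after percent-decoding, and flag POST /api/upload requests that fail that allowlist when reviewing proxy or WAF records. The record layout and the JSON body shape are assumptions for the example; the sample records are constructed.

```python
import json
import re
from urllib.parse import unquote

# Allowlist: the upload context identifier is expected to be a plain UUID.
# Anything else (traversal sequences, path separators, absolute paths) is rejected.
UUID_RE = re.compile(r"[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}")


def is_safe_guid(value: str) -> bool:
    """Strict allowlist check. Percent-decode twice first so encoded or
    double-encoded separators (%2e%2e%2f, %252e...) cannot slip past."""
    decoded = unquote(unquote(value))
    return UUID_RE.fullmatch(decoded) is not None


def flag_upload_records(records):
    """Return (record, reason) pairs for POST /api/upload requests whose
    contextData.guid fails the allowlist. A record is a dict with 'method',
    'path' and 'body' (raw request body as a string); this layout is an
    assumption for the example, not SmarterMail's or any proxy's real format."""
    flagged = []
    for rec in records:
        if rec.get("method") != "POST" or rec.get("path", "").split("?")[0] != "/api/upload":
            continue
        try:
            body = json.loads(rec.get("body", ""))
        except json.JSONDecodeError:
            flagged.append((rec, "unparseable body"))
            continue
        ctx = body.get("contextData") if isinstance(body, dict) else None
        guid = str(ctx.get("guid", "")) if isinstance(ctx, dict) else ""
        if not is_safe_guid(guid):
            flagged.append((rec, f"guid failed allowlist: {guid!r}"))
    return flagged


# Constructed sample records for this example; not real traffic.
SAMPLE_RECORDS = [
    {"method": "POST", "path": "/api/upload",
     "body": '{"contextData": {"guid": "3f2504e0-4f89-11d3-9a0c-0305e82c3301"}}'},
    {"method": "POST", "path": "/api/upload",
     "body": '{"contextData": {"guid": "../../wwwroot"}}'},
    {"method": "POST", "path": "/api/upload?x=1",
     "body": '{"contextData": {"guid": "%2e%2e%2f%2e%2e%2fwwwroot"}}'},
    {"method": "GET", "path": "/api/upload", "body": ""},
]

if __name__ == "__main__":
    for rec, reason in flag_upload_records(SAMPLE_RECORDS):
        print(rec["path"], "->", reason)
```

The allowlist is the durable fix for the server side; the record scan is only a way to spot probing in logs you already keep.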
Recommendations
Upgrade SmarterTools SmarterMail to Build 9413 or later.
Upgrade SmarterTools SmarterMail to Build 9483.
Upgrade SmarterTools SmarterMail to Build 9518.

Tags: Exploit · Fix · RCE · Unrestricted File Upload

Weakness Enumeration

Related Identifiers: CVE-2025-52691

Affected Products: Smartermail