CVE-2025-52691
Upload Arbitrary Files
In short
An attacker can upload any file to a mail server without logging in, which could let them run malicious code on the server. This is a critical flaw because it gives complete control to attackers.
Technical detail
This CWE-434 vulnerability allows unauthenticated arbitrary file upload to the mail server filesystem without proper validation or access controls. Successful exploitation enables remote code execution by uploading malicious scripts or binaries to executable paths, resulting in complete system compromise.
Summary generated and translated by AI from the official description.
Successful exploitation of the vulnerability could allow an unauthenticated attacker to upload arbitrary files to any location on the mail server, potentially enabling remote code execution.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Affected products
SmarterTools · SmarterMail
Public PoCs found — 10
github: github.com/watchtowrlabs/watchTowr-vs-SmarterMail-CVE-2025-52691 (★ 19)
github: github.com/rxerium/CVE-2025-52691 (★ 19)
github: github.com/rimbadirgantara/CVE-2025-52691-poc (★ 3)
github: github.com/DeathShotXD/CVE-2025-52691-APT-PoC (★ 3)
github: github.com/nxgn-kd01/smartermail-cve-scanner (★ 1)
github: github.com/you-ssef9/CVE-2025-52691 (★ 1)
github: github.com/mohammadzarnian1357/Ashwesker-CVE-2025-52691 (★ 0)
github: github.com/Udyz/CVE-2025-52691 (★ 0)
github: github.com/ninjazan420/CVE-2025-52691-PoC-SmarterMail-authentication-bypass-exploit-WT-2026-0001 (★ 0)
cve_reference: github.com/watchtowrlabs/watchTowr-vs-SmarterMail-CVE-2025-52691?ref=labs.watchtowr.com (unverified)
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.