← voltar
CVE-2026-8811

Path traversal in PDF generation module

CVSS 7.1 HIGHEPSS 0.3%CWE-22
SEPPmail versions before 15.0.5 allow improper handling of attachment filenames during encrypted PDF generation. An attacker can exploit this to create new files outside the intended directory, potentially placing files in web-accessible locations.
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:H/SA:L
Produtos afetados
SEPPmail AG · Secure Email Gateway

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://downloads.seppmail.com/extrelnotes/150/ERN15.0.html#possible-path-traversal-vulnerability