CVE-2025-52691
SmarterTools SmarterMail Unrestricted Upload of File with Dangerous Type Vulnerability
⚠ KEVEPSS 89.7%
Description
SmarterTools SmarterMail contains an unrestricted upload of file with dangerous type vulnerability that could allow an unauthenticated attacker to upload arbitrary files to any location on the mail server, potentially enabling remote code execution.
How to fix CVE-2025-52691
No package mapping is available — consult the references below for vendor-specific guidance.
Is CVE-2025-52691 being exploited?
Yes — CVE-2025-52691 is on the CISA Known Exploited Vulnerabilities (KEV) catalog. Patch immediately.
Affected packages (0)
No package mapping in OSV.