Advisory

Critical SmarterMail flaw allows unauthenticated remote code execution

Take action: If you are running SmarterMail, update immediately. The flaw lets an unauthenticated attacker upload arbitrary files and take over the server. You cannot hide this behind a firewall; a mail server is designed to be exposed to the internet. After patching, check your web-accessible directories and server logs for any new or unexpected files that appeared before you patched.


Learn More

SmarterTools released an update for SmarterMail to fix a vulnerability that allows attackers to take over SmarterMail servers. 

This flaw is tracked as CVE-2025-52691 (CVSS score 10.0), an unauthenticated arbitrary file upload vulnerability that leads to remote code execution. Because mail servers usually sit at the edge of a network, they are prime targets for this kind of attack. By uploading a script into a web-served folder and then requesting it, the attacker can execute commands on the server. This gives them the same level of control over the mail server and its data as a system administrator.

This flaw affects all SmarterMail versions before Build 9406. SmarterTools has released Build 9413, which includes the fix.

Administrators should check their build number in the management console and update immediately. After updating, review web-accessible directories for files you do not recognize, and check server logs for the upload requests that created them.
