CRITICAL🇵🇱 Wersja polska

CVE-2026-2743

CVSS 10.0v4.0pub. 2026-03-05upd. 2026-05-19

Arbitrary File Write via Path Traversal upload to Remote Code Execution in SeppMail User Web Interface. The affected feature is the large file transfer (LFT). This issue affects SeppMail: 15.0.2.1 and before

🤖 AI Analysis
How it works

The attacker exploits a path traversal vulnerability (CWE-22) during file upload through the LFT function, allowing the file to be placed outside the intended target directory. Combined with the ability to upload arbitrary files (CWE-434 — Unrestricted Upload of File with Dangerous Type), this results in the possibility of writing a malicious executable file anywhere on the server's file system. The attack requires no authentication or user interaction, and can be executed remotely over the network.

Impact

An attacker can gain full control over the SeppMail server through remote code execution (RCE), threatening the confidentiality, integrity, and availability of both the system itself and related systems.

Mitigation & patch

Update SeppMail to a version newer than 15.0.2.1. Detailed information about the patch is available in the vendor's release notes at: https://downloads.seppmail.com/extrelnotes/150/ERN15.0.html

Who is affected

SeppMail versions 15.0.2.1 and earlier

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:A/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:X/V:X/RE:X/U:X
  • Seppmail

    APP
    Seppmail
    ≤ 15.0.2.1
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCEPath Traversal
CWE
References

Related vulnerabilities

CVE-2026-27442CRITICAL9.3PL ✓ten sam produkt

SEPPmail Secure Email Gateway — path traversal w interfejsie GINA

CVE-2026-27441CRITICAL9.5PL ✓ten sam produkt

Command injection w SEPPmail Secure Email Gateway poprzez hasło szyfrowania PDF

CVE-2026-27444HIGH7.8ten sam produkt

SEPPmail Secure Email Gateway before version 15.0.1 incorrectly interprets email addresses in the email header...

CVE-2026-27443HIGH8.2ten sam produkt

SEPPmail Secure Email Gateway before version 15.0.1 does not properly sanitize the headers from S/MIME protect...

CVE-2026-2748HIGH7.8ten sam produkt

SEPPmail Secure Email Gateway before version 15.0.1 improperly validates S/MIME certificates issued for email ...