Critical SmarterMail Vulnerability Allows Remote Code Execution

Urgent security fix for SmarterMail vulnerability CVE-2025-52691 prevents remote code execution. Update to Build 9413 now.

By Content Team

Dec 30, 2025

ON THIS PAGE

Share

---

ON THIS PAGE

Want more insights like this?

Subscribe to our newsletter to get the latest software protection strategies delivered to your inbox.

By submitting your email, you consent to Codekeeper contacting you and agree to our privacy policy.

SmarterTools has issued an urgent security fix for a critical vulnerability in SmarterMail that scores a perfect 10.0 on the severity scale. The flaw, CVE-2025-52691, lets unauthenticated attackers upload files anywhere on mail servers and execute remote code without needing login credentials.

The vulnerability affects SmarterMail Build 9406 and earlier versions, putting organizations at immediate risk of complete system compromise. Attackers could access sensitive emails, deploy malware, steal data, and move laterally through corporate networks.

Chua Meng Han from Singapore's CSIT discovered the flaw. SmarterTools has released Build 9413 as a fix. Organizations must update immediately to prevent potential attacks.

Source: Cyber Security News

Share this article

Have questions about protecting your software?

Our escrow experts are standing by to help.

Book a free demo

YOU MAY ALSO LIKE

New 'CrashFix' Scam Intentionally Crashes Browsers to Deliver Malware

Jan 21, 2026

Major Polyfill Attack That Hit 100K Websites Traced Back to North Korean Hackers

Mar 15, 2026

Trivy Supply Chain Attack Expands With New Compromised Docker Images

Mar 23, 2026

Salesforce Customers Hit by Third Major Attack Wave in Six Months

Mar 11, 2026