CVE-2025-52691
Published Dec 29, 2025
Last updated a month ago
AI description
CVE-2025-52691 is a vulnerability in SmarterMail versions Build 9406 and earlier. It allows an unauthenticated attacker to upload arbitrary files to any location on the mail server. This vulnerability can lead to remote code execution, potentially giving attackers complete control over compromised systems. Exploitation could result in unauthorized access to sensitive email communications, malware deployment, data exfiltration, and lateral movement within corporate networks.
- Description: Successful exploitation of the vulnerability could allow an unauthenticated attacker to upload arbitrary files to any location on the mail server, potentially enabling remote code execution.
- Source: 5f57b9bf-260d-4433-bf07-b6a79e9bb7d4
- NVD status: Analyzed
- Products: smartermail
CVSS 3.1
- Type: Secondary
- Base score: 10
- Impact score: 6
- Exploitability score: 3.9
- Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
- Severity: CRITICAL
Data from CISA
- Vulnerability name: SmarterTools SmarterMail Unrestricted Upload of File with Dangerous Type Vulnerability
- Exploit added on: Jan 26, 2026
- Exploit action due: Feb 16, 2026
- Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- 134c704f-9b21-4f2e-91b3-4a467353bcc0: CWE-434
The following vulnerabilities have been added to our feed: - CVE-2025-49113: Roundcube PHP Object Deserialization RCE - CVE-2025-52691: SmarterMail Arbitrary File Upload RCE - CVE-2026-23760: SmarterMail Authentication Bypass RCE https://t.co/Nw6eZdt4CA
@crowdfense
19 Feb 2026
🔔 New Outbreak Alert: Our researchers are tracking an unauthenticated remote code execution vulnerability (CVE-2025-52691) that is being actively exploited in SmarterTools' #SmarterMail servers. CVSS: 10.0 (Critical) 🚨 Get full details and mitigation guidance: https://t.c
@FortiGuardLabs
19 Feb 2026
Do Smart People Ever Say They’re Smart? (SmarterTools SmarterMail Pre-Auth RCE CVE-2025-52691) - @watchtowrcyber https://t.co/Wyvj2ct5Xb
@pentest_swissky
17 Feb 2026
#VulnerabilityReport #CSASingapore CVE-2025-52691 (CVSS 10): Critical SmarterMail Flaw Opens Servers to Unauthenticated Attacks https://t.co/PcslS9qSOv
@Komodosec
2 Feb 2026
🚨 CISA Adds Exploited Microsoft Office, Linux Kernel, Telnetd, and SmarterMail Flaws to KEV — Feb 16 Patch Deadline CISA added five vulnerabilities (CVE-2026-21509, CVE-2018-14634, CVE-2026-24061, CVE-2025-52691, CVE-2026-23760) to the KEV catalog, requiring U.S. federal
@ThreatSynop
29 Jan 2026
❗️CVE-2025-52691: SmarterMail Authentication Bypass and RCE PoC https://t.co/MSohnh4yPi
@DarkWebInformer
28 Jan 2026
CVE-2025-52691: SmarterMail—CVSS 10.0, the perfect score. Unauth file upload → RCE on your mail server. 6,000+ exposed worldwide. Attackers get your emails AND a network pivot point. Still running unpatched? You're not hosting mail, you're hosting hackers.
@CisoRaging77913
28 Jan 2026
Latest Known Exploited Vulnerabilities (#KEV) : #CVE-2025-52691 #SmarterTools #SmarterMail Unrestricted Upload of File with Dangerous Type Vulnerability https://t.co/YOoIYYSBam
@ScyScan
27 Jan 2026
Two SmarterMail vulns were added to CISA KEV. I checked current patch adoption: 8,550 instances are still vulnerable to CVE-2026-23760 (auth bypass via admin password reset), and 6,657 to CVE-2025-52691 (RCE via arbitrary file upload). Only 26% (4,051) are fully patched. https://
@nekono_naha
27 Jan 2026
‼️CISA has added 5 vulnerabilities to the KEV Catalog https://t.co/9idGUAHIKd CVE-2018-14634: Linux Kernel Integer Overflow Vulnerability CVE-2025-52691: SmarterTools SmarterMail Unrestricted Upload of File with Dangerous Type Vulnerability CVE-2026-23760: SmarterTools
@DarkWebInformer
27 Jan 2026
🚨 CVE-2025-52691 PoC dropped! Authentication bypass in #SmarterMail. Python exploit script based on watchtowr's WT-2026-0001 analysis. #infosec #cybersecurity #exploit #CVE https://t.co/FbGrDezRcQ
@TheExploitLab
24 Jan 2026
Warning: Many sources reported the active exploitation of #CVE-2025-52691 CVSS: 10. A remote unauthenticated attacker can upload arbitrary files to the server, potentially enabling remote code execution #RCE! Check our advisory here: https://t.co/zlDDifdnag . #Patch #Patch #Patch
@CCBalert
23 Jan 2026
#threatreport #LowCompleteness SmarterMail Version Enumeration: Threat Actors Building Target Lists Post-CVE-2025-52691 | 13-01-2026 Source: https://t.co/IUD7R9umsD Key details below ↓ 🎯Victims: Smartermail users 🌐Geo: India, Indonesia, Spain 🔓CVEs: CVE-2025-52691 h
@rst_cloud
16 Jan 2026
🚨 SmarterMail [—] Jan 15, 2026 Critical Security Advisory: Unauthenticated Remote Code Execution (RCE) Vulnerability (CVE-2025-52691) in SmarterMail Check out our Threat Intelligence Platform: https://t.co/QuwNtEgYh1 https://t.co/QuwNtEgYh1 #LLM https://t.co/gAAkiFmc7D
@transilienceai
15 Jan 2026
SMEs: a critical SmarterMail flaw (CVE-2025-52691) affects thousands of servers and attackers could take control without a password. Check your mail setup, patch what you own, and stay sane about updates. Read more: https://t.co/eMDunNzQUn
@StrongKeepCyber
15 Jan 2026
CVE-2025-52691 - SmarterTools SmarterMail vulnerability https://t.co/Q8mfZ6hU3B https://t.co/93Bv76dIkk
@SirajD_Official
14 Jan 2026
We are scanning & reporting out SmarterMail hosts vulnerable to CVE-2025-52691 RCE (CVSS 10). 8001 unique IPs likely vulnerable on 2026-01-12 (out of 18783 exposed). Note Exploit PoCs are public. Tree Map view: https://t.co/ErLTyjDFPH Raw IP data in https://t.co/qxv0Gv5ELc
@Shadowserver
13 Jan 2026
🚨 SmarterMail [—] Jan 13, 2026 Comprehensive Security Advisory: Critical Vulnerability (CVE-2025-52691) Enabling Remote Code Execution in SmarterMail Check out our Threat Intelligence Platform: https://t.co/QuwNtEhw6z https://t.co/QuwNtEhw6z #LLM https://t.co/WW9fdrxzI8
@transilienceai
13 Jan 2026
CSA Issues Alert on Critical SmarterMail Bug Allowing Remote Code Execution 🚨💥 CSA warns of a critical SmarterMail bug allowing remote code execution. Vulnerability: CVE-2025-52691. CVSS score: 10.0. Arbitrary file upload could lead to code execution without user input.
@HackonomicNews
12 Jan 2026
📢 Update NOW! Singaporean government and cyber security firm warn of perfect 10
@PurpleOps_io
12 Jan 2026
After analyzing 60% of vulnerabilities from the past week, CVE-2025-52691 has 6 articles published from different internet sources; no other CVE has this many articles. More information here: https://t.co/SyyDujjO8C #vulnerability #CyberSecurity #ThreatIntel #CVE #SecurityAlert
@stooee_
10 Jan 2026
🚨 New Critical CVE: CVE-2025-52691 📊 Score:10.0 ‼️Remote Code Execution ⚡️Smartermail 📝 Successful exploitation of the vulnerability could allow an unauthenticated attacker to upload arbitrary files... 🔗 Read Details: https://t.co/CqzeDRH07p #CVE #CyberSecur
@watchstackio
10 Jan 2026
🚨 CVSS 10 SmarterMail Pre-Auth RCE (CVE-2025-52691) — Public PoC Raises Exploitation Risk SmarterMail’s unauthenticated `/api/upload` endpoint can be abused via a path-traversal in the `guid` value inside `contextData`, enabling arbitrary file write to web-accessible paths
@ThreatSynop
9 Jan 2026
CVE-2025-52691 SmarterMail Pre-Auth RCE Python Script Was Public https://t.co/UZxuCnM19p #CVE #RCE
@sirifu4k1
9 Jan 2026
🚨 CVE-2025-52691 - critical 🚨 SmarterMail - Unrestricted File Upload > Mail server contains an unrestricted file upload vulnerability allowing unauthenticat... 👾 https://t.co/O6gD8OzxQi @pdnuclei #NucleiTemplates #cve
@pdnuclei_bot
9 Jan 2026
SmarterTools SmarterMail affected by pre-auth RCE vulnerability CVE-2025-52691, now patched. Admins should update promptly to prevent unauthenticated code execution. #RCE https://t.co/6XG6JRB18T
@threatcluster
8 Jan 2026
And, we're back - analyzing CVE-2025-52691, a pre-auth RCE in SmarterTools SmarterMail mail server solution. Speak soon (:^)) and enjoy.. https://t.co/G0FNUC9tqK
@watchtowrcyber
8 Jan 2026
🚨 SmarterMail [—] Jan 08, 2026 Comprehensive security advisory on the critical remote code execution vulnerability affecting SmarterMail (CVE-2025-52691). This report details the vulnerability, impacted versions, risk assessment, and comprehensive mitigation recommendations.
@transilienceai
8 Jan 2026
CVE-2025-52691 - SmarterTools SmarterMail vulnerability https://t.co/7tjDbuE7nI https://t.co/UxsuE4KcC2
@CloudVirtues
7 Jan 2026
CVE-2025-52691 - SmarterTools SmarterMail vulnerability https://t.co/OcBCxSiM8Y https://t.co/lkT9LD3VAD
@PhotoZel
7 Jan 2026
🚨 SmarterTools SmarterMail [—] Jan 07, 2026 Comprehensive security advisory with analysis of CVE-2025-52691, impacted versions, exploitation risk, international advisories, technical assessment, and actionable mitigation strategies for SmarterTools SmarterMail. Check out our.
@transilienceai
7 Jan 2026
🚨 SmarterTools SmarterMail [—] Jan 06, 2026 Urgent security advisory: Remote code execution threat due to an unauthenticated arbitrary file upload vulnerability (CVE-2025-52691) in SmarterMail. Patch immediately to prevent exploitation. Check out our Threat Intelligence... ht
@transilienceai
6 Jan 2026
🚨 SmarterTools SmarterMail [—] Jan 04, 2026 Critical vulnerability analysis, impact assessment, and mitigation guidance for SmarterTools SmarterMail (CVE-2025-52691). Check out our Threat Intelligence Platform: https://t.co/QuwNtEgYh1... https://t.co/uyyQqm1FaV
@transilienceai
4 Jan 2026
SmarterTools SmarterMail CVE-2025-52691: Unauthenticated Arbitrary File Upload Enables Remote Code Execution on Email Gateways https://t.co/HficFGALQG What happens when the email gateway protecting your organization’s critical communications fails to validate uploaded files an
@f1tym1
4 Jan 2026
SmarterTools SmarterMail CVE-2025-52691: Unauthenticated Arbitrary File Upload Enables Remote Code Execution on Email Gateways - https://t.co/skRhk5vNjg
@Cyberwarzonecom
3 Jan 2026
🚨 New plugin: SmarterMailPlugin (CVE-2025-52691). SmarterMail versions prior to Build 9413 affected by critical remote code execution vulnerability via arbitrary file upload. Results: https://t.co/4HiImPXvsj https://t.co/oNGLfzcZ9F
@leak_ix
2 Jan 2026
CVE-2025-52691 (CVSS:10.0, CRITICAL) is Undergoing Analysis. Successful exploitation of the vulnerability could allow an unauthenticated attacker to upload arbitrary files to any lo..https://t.co/RF1rxG6aFv #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
@cracbot
2 Jan 2026
📣 We have added a new #vulnerability detection to our #ASM #AttackSurfaceManagement solution for #SmarterMail product: CVE-2025-52691: remote unauthenticated file upload & overwrite https://t.co/TtLXPj2Oyu https://t.co/7BYo66B42l
@onyphe
2 Jan 2026
🚨 SmarterMail [—] Jan 02, 2026 Comprehensive advisory on critical unauthenticated arbitrary file upload and remote code execution vulnerability (CVE-2025-52691) in SmarterTools SmarterMail. Check out our Threat Intelligence Platform: https://t.co/QuwNtEgYh1... https://t.co/Nh
@transilienceai
2 Jan 2026
Critical patches released for IBM API Connect auth bypass and SmarterMail RCE (CVE-2025-52691). CISA mandates fixes for MongoBleed after Oracle EBS intrusions. ESA server breach confirmed; Disney settles $10M over child data. #DataPrivacy #USA https://t.co/5GwBNABG0i
@TweetThreatNews
1 Jan 2026
🚨 Critical SmarterMail Vulnerability Alert 🚨 A newly disclosed flaw (CVE-2025-52691) allows unauthenticated remote code execution via arbitrary file upload.🔴 CVSS: 10.0 (Critical) 🔗 Full breakdown & mitigation: https://t.co/CESmSbLJHp #CyberSecurityAwareness #vul
@shetkar_pranay
31 Dec 2025
🚨 Singapore CSA Warns of Maximum-Severity SmarterMail RCE Flaw (CVE-2025-52691) CSA issued an alert for CVE-2025-52691 (CVSS 10.0), where an unauthenticated attacker can upload arbitrary files to the mail server and potentially achieve remote code execution; affected SmarterMa
@ThreatSynop
31 Dec 2025
CSA has warned of a maximum-severity SmarterMail vulnerability (CVE-2025-52691) that could enable unauthenticated remote code execution if left unpatched. No exploitation has been confirmed, but updates are strongly advised. How do you assess risk when a critical flaw is https:
@TechNadu
31 Dec 2025
Singapore CSA warns of maximum severity SmarterMail RCE flaw: Singapore’s CSA warns of CVE-2025-52691, a critical SmarterMail flaw enabling unauthenticated remote code execution via arbitrary file upload. Singapore’s Cyber Security Agency of Singapore… https://t.co/frAmpntA
@shah_sheikh
31 Dec 2025
🚨 Major #exploit just dropped! APT-level PoC for CVE-2025-52691. Features stealth, persistence & data exfiltration. This is serious. #cybersecurity #infosec https://t.co/VmnfdQD1VX
@TheExploitLab
31 Dec 2025
CSA warns of a critical flaw (CVE-2025-52691) in SmarterMail, allowing remote code execution. CVSS score 10.0. #Cybersecurity #Vulnerability https://t.co/U3ss9188uQ @TheHackersNews
@cyberwatcher_
31 Dec 2025
Singapore CSA warns of CVE-2025-52691 in SmarterMail, allowing unauthenticated attackers to achieve remote code execution via arbitrary file uploads. https://t.co/eDmuTNKZgy #CyberSecurity #EmailSecurity #SmarterMail #RemoteCodeExecution #InfoSec #CSAAlert https://t.co/UbHHxhXd
@redsecuretech
31 Dec 2025
It's a mail party 😭 ⚠ SmarterMail CVE-2025-52691 🡇Pre-auth file upload /api/upload Detect https://t.co/L062in71SZ ⚠ Zimbra CVE-2025-68645 🡅Pre-auth file download PoC http://cible/h/rest?javax.servlet.include.servlet_path=/WEB-INF
@mynameisv_
31 Dec 2025
🚨 CSA issued alert on critical SmarterMail bug allowing remote code execution! CVE-2025-52691 with CVSS score 10.0. Unauthorized file upload can lead to code execution! #CyberSecurity #CriticalAlert 🛡️ Learn more: https://t.co/ptGpzedh8C
@HackingRabbitS
31 Dec 2025
CVE-2025-52691: The Zero-Day Survival Guide for SmarterTools Users—Update Now or Lose Your Data Read the full report on - https://t.co/wtqULu9krn https://t.co/JkmOOb2wui
@cyberbivash
31 Dec 2025
[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:smartertools:smartermail:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A9F4301A-C277-47F6-841D-386EDD24EE67",
            "versionEndExcluding": "100.0.9413"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]