CVE-2025-52691
Published Dec 29, 2025
Last updated 3 months ago
- Description: Successful exploitation of the vulnerability could allow an unauthenticated attacker to upload arbitrary files to any location on the mail server, potentially enabling remote code execution.
- Source: 5f57b9bf-260d-4433-bf07-b6a79e9bb7d4
- NVD status: Analyzed
- Products: smartermail
CVSS 3.1
- Type: Secondary
- Base score: 10
- Impact score: 6
- Exploitability score: 3.9
- Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
- Severity: CRITICAL
Data from CISA
- Vulnerability name: SmarterTools SmarterMail Unrestricted Upload of File with Dangerous Type Vulnerability
- Exploit added on: Jan 26, 2026
- Exploit action due: Feb 16, 2026
- Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-434
- Hype score: Not currently trending
🚨 [CRITICAL] Active exploitation detected: CVE-2025-52691 Exploit in the wild confirmed for CVE-2025-52691 (CVSS 10.0). SmarterTools SmarterMail contains an unrestricted upload of file with dangerous type vul... 🔗 https://t.co/RZBhpWnHFz #ZeroDay #ExploitInWild #CyberSecu
@ctiwatchcloud
11 Apr 2026
161 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
"Do Smart People Ever Say They’re Smart? (SmarterTools SmarterMail Pre-Auth RCE CVE-2025-52691)" #infosec #pentest #redteam #blueteam https://t.co/RZQMyZr0Ge
@CyberWarship
22 Mar 2026
1551 Impressions
2 Retweets
7 Likes
5 Bookmarks
0 Replies
0 Quotes
🛡️ Security Alert: Unrestricted File Upload Vulnerability in SmarterMail (CVE-2025-52691) SmarterTools SmarterMail has a critical vulnerability (CVSS 10.0) involving unrestricted upload of dangerous files (CWE-434), allowing unauthenticated attackers to upload
@CiberPlanetaOrg
16 Mar 2026
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Cloudflare has released new WAF rules addressing the following CVEs to enhance customer protection. SmarterMail - Arbitrary File Upload (CVE-2025-52691) SmarterMail - Authentication Bypass (CVE-2026-23760) https://t.co/PZnybPuWA1
@Cloudforce_One
4 Mar 2026
499 Impressions
0 Retweets
6 Likes
2 Bookmarks
1 Reply
0 Quotes
The following vulnerabilities have been added to our feed: - CVE-2025-49113: Roundcube PHP Object Deserialization RCE - CVE-2025-52691: SmarterMail Arbitrary File Upload RCE - CVE-2026-23760: SmarterMail Authentication Bypass RCE https://t.co/Nw6eZdt4CA
@crowdfense
19 Feb 2026
622 Impressions
1 Retweet
5 Likes
5 Bookmarks
1 Reply
0 Quotes
🔔 New Outbreak Alert: Our researchers are tracking an unauthenticated remote code execution vulnerability (CVE-2025-52691) that is being actively exploited in SmarterTools' #SmarterMail servers. CVSS: 10.0 (Critical) 🚨 Get full details and mitigation guidance: https://t.c
@FortiGuardLabs
19 Feb 2026
376 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Do Smart People Ever Say They’re Smart? (SmarterTools SmarterMail Pre-Auth RCE CVE-2025-52691) - @watchtowrcyber https://t.co/Wyvj2ct5Xb
@pentest_swissky
17 Feb 2026
1709 Impressions
5 Retweets
19 Likes
10 Bookmarks
0 Replies
0 Quotes
#VulnerabilityReport #CSASingapore CVE-2025-52691 (CVSS 10): Critical SmarterMail Flaw Opens Servers to Unauthenticated Attacks https://t.co/PcslS9qSOv
@Komodosec
2 Feb 2026
40 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CISA Adds Exploited Microsoft Office, Linux Kernel, Telnetd, and SmarterMail Flaws to KEV — Feb 16 Patch Deadline CISA added five vulnerabilities (CVE-2026-21509, CVE-2018-14634, CVE-2026-24061, CVE-2025-52691, CVE-2026-23760) to the KEV catalog, requiring U.S. federal
@ThreatSynop
29 Jan 2026
155 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
❗️CVE-2025-52691: SmarterMail Authentication Bypass and RCE PoC https://t.co/MSohnh4yPi
@DarkWebInformer
28 Jan 2026
6107 Impressions
17 Retweets
60 Likes
29 Bookmarks
0 Replies
0 Quotes
CVE-2025-52691: SmarterMail—CVSS 10.0, the perfect score. Unauth file upload → RCE on your mail server. 6,000+ exposed worldwide. Attackers get your emails AND a network pivot point. Still running unpatched? You're not hosting mail, you're hosting hackers.
@CisoRaging77913
28 Jan 2026
49 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Latest Known Exploited Vulnerabilities (#KEV) : #CVE-2025-52691 #SmarterTools #SmarterMail Unrestricted Upload of File with Dangerous Type Vulnerability https://t.co/YOoIYYSBam
@ScyScan
27 Jan 2026
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Two SmarterMail vulns were added to CISA KEV. I checked current patch adoption: 8,550 instances are still vulnerable to CVE-2026-23760 (auth bypass via admin password reset), and 6,657 to CVE-2025-52691 (RCE via arbitrary file upload). Only 26% (4,051) are fully patched. https://
@nekono_naha
27 Jan 2026
2446 Impressions
2 Retweets
8 Likes
2 Bookmarks
2 Replies
1 Quote
‼️CISA has added 5 vulnerabilities to the KEV Catalog https://t.co/9idGUAHIKd CVE-2018-14634: Linux Kernel Integer Overflow Vulnerability CVE-2025-52691: SmarterTools SmarterMail Unrestricted Upload of File with Dangerous Type Vulnerability CVE-2026-23760: SmarterTools
@DarkWebInformer
27 Jan 2026
3068 Impressions
8 Retweets
29 Likes
12 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2025-52691 PoC dropped! Authentication bypass in #SmarterMail. Python exploit script based on watchtowr's WT-2026-0001 analysis. #infosec #cybersecurity #exploit #CVE https://t.co/FbGrDezRcQ
@TheExploitLab
24 Jan 2026
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Warning: Many sources reported the active exploitation of #CVE-2025-52691 CVSS: 10. A remote unauthenticated attacker can upload arbitrary files to the server, potentially enabling remote code execution #RCE! Check our advisory here: https://t.co/zlDDifdnag . #Patch #Patch #Patch
@CCBalert
23 Jan 2026
207 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#threatreport #LowCompleteness SmarterMail Version Enumeration: Threat Actors Building Target Lists Post-CVE-2025-52691 | 13-01-2026 Source: https://t.co/IUD7R9umsD Key details below ↓ 🎯Victims: Smartermail users 🌐Geo: India, Indonesia, Spain 🔓CVEs: CVE-2025-52691 h
@rst_cloud
16 Jan 2026
50 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 SmarterMail [—] Jan 15, 2026 Critical Security Advisory: Unauthenticated Remote Code Execution (RCE) Vulnerability (CVE-2025-52691) in SmarterMail Check out our Threat Intelligence Platform: https://t.co/QuwNtEgYh1 #LLM https://t.co/gAAkiFmc7D
@transilienceai
15 Jan 2026
65 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
SMEs: a critical SmarterMail flaw (CVE-2025-52691) affects thousands of servers and attackers could take control without a password. Check your mail setup, patch what you own, and stay sane about updates. Read more: https://t.co/eMDunNzQUn
@StrongKeepCyber
15 Jan 2026
55 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-52691 - SmarterTools SmarterMail vulnerability https://t.co/Q8mfZ6hU3B https://t.co/93Bv76dIkk
@SirajD_Official
14 Jan 2026
54 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
We are scanning & reporting out SmarterMail hosts vulnerable to CVE-2025-52691 RCE (CVSS 10). 8001 unique IPs likely vulnerable on 2026-01-12 (out of 18783 exposed). Note Exploit PoCs are public. Tree Map view: https://t.co/ErLTyjDFPH Raw IP data in https://t.co/qxv0Gv5ELc
@Shadowserver
13 Jan 2026
1877 Impressions
8 Retweets
22 Likes
3 Bookmarks
1 Reply
0 Quotes
🚨 SmarterMail [—] Jan 13, 2026 Comprehensive Security Advisory: Critical Vulnerability (CVE-2025-52691) Enabling Remote Code Execution in SmarterMail Check out our Threat Intelligence Platform: https://t.co/QuwNtEhw6z #LLM https://t.co/WW9fdrxzI8
@transilienceai
13 Jan 2026
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CSA Issues Alert on Critical SmarterMail Bug Allowing Remote Code Execution 🚨💥 CSA warns of a critical SmarterMail bug allowing remote code execution. Vulnerability: CVE-2025-52691. CVSS score: 10.0. Arbitrary file upload could lead to code execution without user input.
@HackonomicNews
12 Jan 2026
51 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
📢 Update NOW! Singaporean government and cyber security firm warn of perfect 10
@PurpleOps_io
12 Jan 2026
72 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
After analyzing 60% of vulnerabilities from the past week, CVE-2025-52691 has 6 articles published from different internet sources; no other CVE has this many articles. More information here: https://t.co/SyyDujjO8C #vulnerability #CyberSecurity #ThreatIntel #CVE #SecurityAlert
@stooee_
10 Jan 2026
61 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 New Critical CVE: CVE-2025-52691 📊 Score:10.0 ‼️Remote Code Execution ⚡️Smartermail 📝 Successful exploitation of the vulnerability could allow an unauthenticated attacker to upload arbitrary files... 🔗 Read Details: https://t.co/CqzeDRH07p #CVE #CyberSecur
@watchstackio
10 Jan 2026
5 Impressions
0 Retweets
3 Likes
3 Bookmarks
0 Replies
0 Quotes
🚨 CVSS 10 SmarterMail Pre-Auth RCE (CVE-2025-52691) — Public PoC Raises Exploitation Risk SmarterMail’s unauthenticated `/api/upload` endpoint can be abused via a path-traversal in the `guid` value inside `contextData`, enabling arbitrary file write to web-accessible paths
@ThreatSynop
9 Jan 2026
70 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-52691 SmarterMail Pre-Auth RCE Python Script Was Public https://t.co/UZxuCnM19p #CVE #RCE
@sirifu4k1
9 Jan 2026
2464 Impressions
9 Retweets
41 Likes
16 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2025-52691 - critical 🚨 SmarterMail - Unrestricted File Upload > Mail server contains an unrestricted file upload vulnerability allowing unauthenticat... 👾 https://t.co/O6gD8OzxQi @pdnuclei #NucleiTemplates #cve
@pdnuclei_bot
9 Jan 2026
15 Impressions
0 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes
SmarterTools SmarterMail affected by pre-auth RCE vulnerability CVE-2025-52691, now patched. Admins should update promptly to prevent unauthenticated code execution. #RCE https://t.co/6XG6JRB18T
@threatcluster
8 Jan 2026
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
And, we're back - analyzing CVE-2025-52691, a pre-auth RCE in SmarterTools SmarterMail mail server solution. Speak soon (:^)) and enjoy.. https://t.co/G0FNUC9tqK
@watchtowrcyber
8 Jan 2026
20095 Impressions
47 Retweets
156 Likes
62 Bookmarks
4 Replies
4 Quotes
🚨 SmarterMail [—] Jan 08, 2026 Comprehensive security advisory on the critical remote code execution vulnerability affecting SmarterMail (CVE-2025-52691). This report details the vulnerability, impacted versions, risk assessment, and comprehensive mitigation recommendations.
@transilienceai
8 Jan 2026
40 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-52691 - SmarterTools SmarterMail vulnerability https://t.co/7tjDbuE7nI https://t.co/UxsuE4KcC2
@CloudVirtues
7 Jan 2026
46 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-52691 - SmarterTools SmarterMail vulnerability https://t.co/OcBCxSiM8Y https://t.co/lkT9LD3VAD
@PhotoZel
7 Jan 2026
43 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 SmarterTools SmarterMail [—] Jan 07, 2026 Comprehensive security advisory with analysis of CVE-2025-52691, impacted versions, exploitation risk, international advisories, technical assessment, and actionable mitigation strategies for SmarterTools SmarterMail. Check out our.
@transilienceai
7 Jan 2026
48 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 SmarterTools SmarterMail [—] Jan 06, 2026 Urgent security advisory: Remote code execution threat due to an unauthenticated arbitrary file upload vulnerability (CVE-2025-52691) in SmarterMail. Patch immediately to prevent exploitation. Check out our Threat Intelligence... ht
@transilienceai
6 Jan 2026
101 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 SmarterTools SmarterMail [—] Jan 04, 2026 Critical vulnerability analysis, impact assessment, and mitigation guidance for SmarterTools SmarterMail (CVE-2025-52691). Check out our Threat Intelligence Platform: https://t.co/QuwNtEgYh1... https://t.co/uyyQqm1FaV
@transilienceai
4 Jan 2026
166 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
SmarterTools SmarterMail CVE-2025-52691: Unauthenticated Arbitrary File Upload Enables Remote Code Execution on Email Gateways https://t.co/HficFGALQG What happens when the email gateway protecting your organization’s critical communications fails to validate uploaded files an
@f1tym1
4 Jan 2026
150 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
SmarterTools SmarterMail CVE-2025-52691: Unauthenticated Arbitrary File Upload Enables Remote Code Execution on Email Gateways - https://t.co/skRhk5vNjg
@Cyberwarzonecom
3 Jan 2026
124 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 New plugin: SmarterMailPlugin (CVE-2025-52691). SmarterMail versions prior to Build 9413 affected by critical remote code execution vulnerability via arbitrary file upload. Results: https://t.co/4HiImPXvsj https://t.co/oNGLfzcZ9F
@leak_ix
2 Jan 2026
833 Impressions
2 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-52691 (CVSS:10.0, CRITICAL) is Undergoing Analysis. Successful exploitation of the vulnerability could allow an unauthenticated attacker to upload arbitrary files to any lo..https://t.co/RF1rxG6aFv #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
@cracbot
2 Jan 2026
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
📣 We have added a new #vulnerability detection to our #ASM #AttackSurfaceManagement solution for #SmarterMail product: CVE-2025-52691: remote unauthenticated file upload & overwrite https://t.co/TtLXPj2Oyu https://t.co/7BYo66B42l
@onyphe
2 Jan 2026
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 SmarterMail [—] Jan 02, 2026 Comprehensive advisory on critical unauthenticated arbitrary file upload and remote code execution vulnerability (CVE-2025-52691) in SmarterTools SmarterMail. Check out our Threat Intelligence Platform: https://t.co/QuwNtEgYh1... https://t.co/Nh
@transilienceai
2 Jan 2026
96 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical patches released for IBM API Connect auth bypass and SmarterMail RCE (CVE-2025-52691). CISA mandates fixes for MongoBleed after Oracle EBS intrusions. ESA server breach confirmed; Disney settles $10M over child data. #DataPrivacy #USA https://t.co/5GwBNABG0i
@TweetThreatNews
1 Jan 2026
271 Impressions
0 Retweets
3 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Critical SmarterMail Vulnerability Alert 🚨 A newly disclosed flaw (CVE-2025-52691) allows unauthenticated remote code execution via arbitrary file upload.🔴 CVSS: 10.0 (Critical) 🔗 Full breakdown & mitigation: https://t.co/CESmSbLJHp #CyberSecurityAwareness #vul
@shetkar_pranay
31 Dec 2025
91 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Singapore CSA Warns of Maximum-Severity SmarterMail RCE Flaw (CVE-2025-52691) CSA issued an alert for CVE-2025-52691 (CVSS 10.0), where an unauthenticated attacker can upload arbitrary files to the mail server and potentially achieve remote code execution; affected SmarterMa
@ThreatSynop
31 Dec 2025
105 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CSA has warned of a maximum-severity SmarterMail vulnerability (CVE-2025-52691) that could enable unauthenticated remote code execution if left unpatched. No exploitation has been confirmed, but updates are strongly advised. How do you assess risk when a critical flaw is https:
@TechNadu
31 Dec 2025
107 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Singapore CSA warns of maximum severity SmarterMail RCE flaw: Singapore’s CSA warns of CVE-2025-52691, a critical SmarterMail flaw enabling unauthenticated remote code execution via arbitrary file upload. Singapore’s Cyber Security Agency of Singapore… https://t.co/frAmpntA
@shah_sheikh
31 Dec 2025
94 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Major #exploit just dropped! APT-level PoC for CVE-2025-52691. Features stealth, persistence & data exfiltration. This is serious. #cybersecurity #infosec https://t.co/VmnfdQD1VX
@TheExploitLab
31 Dec 2025
163 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
CSA warns of a critical flaw (CVE-2025-52691) in SmarterMail that allows remote code execution. CVSS score 10.0. #Cybersecurity #Vulnerability https://t.co/U3ss9188uQ @TheHackersNews
@cyberwatcher_
31 Dec 2025
24 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:smartertools:smartermail:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "A9F4301A-C277-47F6-841D-386EDD24EE67",
            "versionEndExcluding": "100.0.9413",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ]
  }
]