Remote Code Execution Vulnerability in SmarterMail by SmarterTools
CVE-2021-32234

9.8CRITICAL

Key Information:

Vendor: Smartertools
Status: Smartermail
Vendor: CVE Published:; 17 November 2021

🔔 Create Smartertools Vulnerability Alert

What is CVE-2021-32234?

A vulnerability in SmarterMail versions 16.x to 100.x prior to 100.0.7803 enables remote code execution, allowing an attacker to execute arbitrary code on the affected systems. This can lead to significant security incidents, potentially compromising sensitive data and system integrity. Users are urged to update their software promptly to mitigate risks associated with this vulnerability.

References

https://www.smartertools.com/smartermail/release-notes/cu...

x_refsource_MISC

https://csirt.divd.nl/cases/DIVD-2021-00006/

x_refsource_MISC

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 17, 2021
Vulnerability Reserved
May 7, 2021