Command Injection Vulnerability in SEPPmail Admin Portal
CVE-2022-41871

8.8HIGH

Key Information:

Vendor: Seppmail
Status: Seppmail
Vendor: CVE Published:; 28 April 2025

What is CVE-2022-41871?

The SEPPmail Admin Portal contains a command injection vulnerability that can be exploited by authenticated attackers. This flaw allows them to execute arbitrary commands with root privileges, potentially compromising the system's integrity and security. Effective mitigation strategies should be employed to safeguard against such vulnerabilities, especially in environments where sensitive data is handled.

Affected Version(s)

SEPPmail 12.1.17

References

https://www.seppmail.com/products/

https://code-white.com/public-vulnerability-list/

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 28, 2025
Vulnerability Reserved
Sep 30, 2022

CVE-2022-41871 Data

JSON

Seppmail

What is CVE-2022-41871?

Affected Version(s)

References

CVSS V3.1

Timeline