| Reporter | Title | Published | Views | Family All 41 |
|---|---|---|---|---|
| Exploit for CVE-2025-52691 | 30 Dec 202518:21 | – | githubexploit | |
| Exploit for Unrestricted Upload of File with Dangerous Type in Smartertools Smartermail | 8 Jan 202611:42 | – | githubexploit | |
| Exploit for Unrestricted Upload of File with Dangerous Type in Smartertools Smartermail | 5 Jan 202613:46 | – | githubexploit | |
| Exploit for CVE-2025-52691 | 29 Dec 202516:23 | – | githubexploit | |
| Exploit for CVE-2025-52691 | 30 Dec 202514:58 | – | githubexploit | |
| Exploit for Unrestricted Upload of File with Dangerous Type in Smartertools Smartermail | 23 Jan 202611:48 | – | githubexploit | |
| Exploit for CVE-2025-52691 | 30 Dec 202510:24 | – | githubexploit | |
| Exploit for CVE-2025-52691 | 30 Dec 202518:37 | – | githubexploit | |
| Exploit for CVE-2025-52691 | 30 Dec 202506:13 | – | githubexploit | |
| Exploit for CVE-2025-52691 | 31 Dec 202507:01 | – | githubexploit |
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(297222);
script_version("1.3");
script_set_attribute(attribute:"plugin_modification_date", value:"2026/02/11");
script_cve_id("CVE-2025-52691");
script_xref(name:"CISA-KNOWN-EXPLOITED", value:"2026/02/16");
script_name(english:"SmarterMail < 100.0.9413 Unrestricted File Upload Remote Code Execution (CVE-2025-52691)");
script_set_attribute(attribute:"synopsis", value:
"The remote mail server is affected by a remote code execution vulnerability.");
script_set_attribute(attribute:"description", value:
"The version of SmarterTools SmarterMail installed on the remote host is prior to 100.0.9413. It is,
therefore, affected by a remote code execution vulnerability. SmarterTools SmarterMail contains an
unrestricted file upload vulnerability that could allow an unauthenticated attacker to upload arbitrary files
to any location on the mail server, potentially enabling remote code execution.
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported
version number.");
script_set_attribute(attribute:"see_also", value:"https://www.smartertools.com/smartermail/release-notes/current");
script_set_attribute(attribute:"see_also", value:"https://www.csa.gov.sg/alerts-and-advisories/alerts/al-2025-124/");
script_set_attribute(attribute:"solution", value:
"Upgrade to SmarterTools SmarterMail version 100.0.9413 or later.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2025-52691");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"exploit_framework_core", value:"true");
script_set_attribute(attribute:"metasploit_name", value:'SmarterTools SmarterMail GUID File Upload Vulnerability');
script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2025/12/29");
script_set_attribute(attribute:"patch_publication_date", value:"2025/10/09");
script_set_attribute(attribute:"plugin_publication_date", value:"2026/01/30");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_set_attribute(attribute:"cpe", value:"cpe:/a:smartertools:smartermail");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"CGI abuses");
script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("smartertools_smartermail_detect.nbin");
script_require_keys("installed_sw/SmarterTools SmarterMail");
exit(0);
}
include('vdf.inc');
# @tvdl-content
var vuln_data = {
'metadata': {'spec_version': '1.0'},
'checks': [
{
'product': {'name': 'SmarterTools SmarterMail', 'type': 'app'},
'check_algorithm': 'default',
'constraints': [{'fixed_version': '100.0.9413'}]
}
]
};
var result = vdf::check_and_report(vuln_data:vuln_data, severity:SECURITY_HOLE);
vdf::handle_check_and_report_errors(vdf_result:result);Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation