CVE-2022-41871

Medium CVSS: 6.0

SEPPmail through 12.1.17 allows command injection within the Admin Portal. An authenticated attacker is able to execute arbitrary code in the context of the user root.

Vendor

Seppmail

Product

Seppmail

CWE

CWE-78

Yayın Tarihi

2025-04-28 16:15:24

Güncelleme

2025-05-14 18:58:36

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-78 Seppmail MEDIUM Seppmail 2025

Referanslar

https://code-white.com/public-vulnerability-list/ https://www.seppmail.com/products/

Benzer Kayıtlar

Critical

CVE-2026-2743

Arbitrary File Write via Path Traversal upload to Remote Code Execution in SeppMail User Web Interface. The affected fea…

Medium

CVE-2026-2747

SEPPmail Secure Email Gateway before version 15.0.1 decrypts inline PGP messages without isolating them from surrounding…

High

CVE-2026-2748

SEPPmail Secure Email Gateway before version 15.0.1 improperly validates S/MIME certificates issued for email addresses…

Medium

CVE-2026-2746

SEPPmail Secure Email Gateway before version 15.0.1 does not properly communicate PGP signature verification results, le…

Critical

CVE-2026-27442

The GINA web interface in SEPPmail Secure Email Gateway before version 15.0.1 does not properly check attachment filenam…

High

CVE-2026-27443

SEPPmail Secure Email Gateway before version 15.0.1 does not properly sanitize the headers from S/MIME protected MIME en…