Smartertools Smartermail
Known Exploited Smartertools Smartermail Vulnerabilities
The following Smartertools Smartermail vulnerabilities have been marked by CISA as Known to be Exploited by threat actors.
| Title | Description | Added |
|---|---|---|
| SmarterTools SmarterMail Missing Authentication for Critical Function Vulnerability | SmarterTools SmarterMail contains a missing authentication for critical function vulnerability in the ConnectToHub API method. This could allow the attacker to point the SmarterMail instance to a malicious HTTP server which serves the malicious OS command and could lead to command execution. CVE-2026-24423. Exploit Probability: 66.4% | February 5, 2026 |
| SmarterTools SmarterMail Unrestricted Upload of File with Dangerous Type Vulnerability | SmarterTools SmarterMail contains an unrestricted upload of file with dangerous type vulnerability that could allow an unauthenticated attacker to upload arbitrary files to any location on the mail server, potentially enabling remote code execution. CVE-2025-52691. Exploit Probability: 87.3% | January 26, 2026 |
| SmarterTools SmarterMail Authentication Bypass Using an Alternate Path or Channel Vulnerability | SmarterTools SmarterMail contains an authentication bypass using an alternate path or channel vulnerability in the password reset API. The force-reset-password endpoint permits anonymous requests and fails to verify the existing password or a reset token when resetting system administrator accounts. This could allow an unauthenticated attacker to supply a target administrator username and a new password to reset the account, resulting in full administrative compromise of the SmarterMail instance. CVE-2026-23760. Exploit Probability: 78.7% | January 26, 2026 |
Of the known exploited vulnerabilities above, 2 are in the top 1%, or the 99th percentile of the EPSS exploit probability rankings. The vulnerability CVE-2026-24423: SmarterTools SmarterMail Missing Authentication for Critical Function Vulnerability is in the top 5% of the currently known exploitable vulnerabilities.
By the Year
In 2026 there have been 5 vulnerabilities in Smartertools Smartermail with an average score of 7.4 out of ten. Last year, in 2025, Smartermail had 1 security vulnerability published. That is, 4 more vulnerabilities have already been reported in 2026 as compared to last year. Last year, the average CVE base score was greater by 2.65.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 5 | 7.35 |
| 2025 | 1 | 10.00 |
| 2024 | 0 | 0.00 |
| 2023 | 3 | 5.40 |
| 2022 | 0 | 0.00 |
| 2021 | 5 | 7.10 |
| 2020 | 0 | 0.00 |
| 2019 | 4 | 7.65 |
It may take a day or so for new Smartermail vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.
Recent Smartertools Smartermail Security Vulnerabilities
SmarterMail XSS via MAPI requests (pre-9526)
CVE-2026-26930
7.2 - High
- February 16, 2026
SmarterTools SmarterMail before 9526 allows XSS via MAPI requests.
XSS
SmarterMail Unauth Path Coercion Enables SMB Relay on Windows
CVE-2026-25067
- January 29, 2026
SmarterTools SmarterMail versions prior to build 9518 contain an unauthenticated path coercion vulnerability in the background-of-the-day preview endpoint. The application base64-decodes attacker-supplied input and uses it as a filesystem path without validation. On Windows systems, this allows UNC paths to be resolved, causing the SmarterMail service to initiate outbound SMB authentication attempts to attacker-controlled hosts. This can be abused for credential coercion, NTLM relay attacks, and unauthorized network authentication.
Use of Incorrectly-Resolved Name or Reference
SmarterMail RCE via ConnectToHub API - Unauthenticated Remote Code Execution
CVE-2026-24423
- January 23, 2026
SmarterTools SmarterMail versions prior to build 9511 contain an unauthenticated remote code execution vulnerability in the ConnectToHub API method. The attacker could point the SmarterMail instance to a malicious HTTP server, which serves a malicious OS command. This command will then be executed by the vulnerable application.
Missing Authentication for Critical Function
SmarterMail Auth Bypass via Force Reset Password (CVE-2026-23760)
CVE-2026-23760
- January 22, 2026
SmarterTools SmarterMail versions prior to build 9511 contain an authentication bypass vulnerability in the password reset API. The force-reset-password endpoint permits anonymous requests and fails to verify the existing password or a reset token when resetting system administrator accounts. An unauthenticated attacker can supply a target administrator username and a new password to reset the account, resulting in full administrative compromise of the SmarterMail instance. NOTE: SmarterMail system administrator privileges grant the ability to execute operating system commands via built-in management functionality, effectively providing administrative (SYSTEM or root) access on the underlying host.
Authentication Bypass Using an Alternate Path or Channel
SmarterTrack Info Disclosure Chat Search /Management/Chat/frmChatSearch.aspx
CVE-2020-36926
7.5 - High
- January 15, 2026
SmarterTrack 7922 contains an information disclosure vulnerability in the Chat Management search form that reveals agent identification details. Attackers can access the vulnerable /Management/Chat/frmChatSearch.aspx endpoint to retrieve agents' first and last names along with their unique identifiers.
Exposure of Sensitive System Information to an Unauthorized Control Sphere
SmarterTools SmarterMail Unrestricted Upload of File with Dangerous Type (CVE-2025-52691)
CVE-2025-52691
10 - Critical
- December 29, 2025
Successful exploitation of the vulnerability could allow an unauthenticated attacker to upload arbitrary files to any location on the mail server, potentially enabling remote code execution.
Unrestricted File Upload
SmarterMail Stored XSS via Calendar Description
CVE-2023-48116
5.4 - Medium
- December 21, 2023
SmarterTools SmarterMail 8495 through 8664 before 8747 allows stored XSS via a crafted description of a Calendar appointment.
XSS
SmarterMail XSS via SVG Upload with @ char in youtube.com URL
CVE-2023-48114
5.4 - Medium
- December 21, 2023
SmarterTools SmarterMail 8495 through 8664 before 8747 allows stored XSS by using image/svg+xml and an uploaded SVG document. This occurs because the application tries to allow youtube.com URLs, but actually allows youtube.com followed by an @ character and an attacker-controlled domain name.
XSS
SmarterTools SmarterMail DOM XSS via messageHTML/PlainText (CVE-2023-48115)
CVE-2023-48115
5.4 - Medium
- December 21, 2023
SmarterTools SmarterMail 8495 through 8664 before 8747 allows stored DOM XSS because an XSS protection mechanism is skipped when messageHTML and messagePlainText are set in the same request.
XSS
SmarterTools SmarterMail 16.x through 100.x before 100.0.7803 allows remote code execution
CVE-2021-32234
9.8 - Critical
- November 17, 2021
SmarterTools SmarterMail 16.x through 100.x before 100.0.7803 allows remote code execution.
SmarterTools SmarterMail 16.x through 100.x before 100.0.7803 allows XSS
CVE-2021-43977
6.1 - Medium
- November 17, 2021
SmarterTools SmarterMail 16.x through 100.x before 100.0.7803 allows XSS.
XSS
SmarterTools SmarterMail 16.x before build 7866 has stored XSS
CVE-2021-40377
5.4 - Medium
- September 08, 2021
SmarterTools SmarterMail 16.x before build 7866 has stored XSS. The application fails to sanitize email content, thus allowing one to inject HTML and/or JavaScript into a page that will then be processed and stored by the application.
XSS
An issue was discovered in SmarterTools SmarterMail through 100.0.7537
CVE-2020-29548
8.1 - High
- August 17, 2021
An issue was discovered in SmarterTools SmarterMail through 100.0.7537. Meddler-in-the-middle attackers can pipeline commands after a POP3 STLS command, injecting plaintext commands into an encrypted user session.
Command Injection
SmarterTools SmarterMail before Build 7776 allows XSS
CVE-2021-32233
6.1 - Medium
- July 06, 2021
SmarterTools SmarterMail before Build 7776 allows XSS.
XSS
SmarterTools SmarterMail 16.x before build 6995 has stored XSS
CVE-2019-7211
6.1 - Medium
- April 24, 2019
SmarterTools SmarterMail 16.x before build 6995 has stored XSS. JavaScript code could be executed on the application by opening a malicious email or when viewing a malicious file attachment.
XSS
SmarterTools SmarterMail 16.x before build 6985 allows deserialization of untrusted data
CVE-2019-7214
9.8 - Critical
- April 24, 2019
SmarterTools SmarterMail 16.x before build 6985 allows deserialization of untrusted data. An unauthenticated attacker could run commands on the server when port 17001 was remotely accessible. This port is not accessible remotely by default after applying the Build 6985 patch.
Marshaling, Unmarshaling
SmarterTools SmarterMail 16.x before build 6985 allows directory traversal
CVE-2019-7213
6.5 - Medium
- April 24, 2019
SmarterTools SmarterMail 16.x before build 6985 allows directory traversal. An authenticated user could delete arbitrary files or could create files in new folders in arbitrary locations on the mail server. This could lead to command execution on the server for instance by putting files inside the web directories.
Directory traversal
SmarterTools SmarterMail 16.x before build 6985 has hardcoded secret keys
CVE-2019-7212
8.2 - High
- April 24, 2019
SmarterTools SmarterMail 16.x before build 6985 has hardcoded secret keys. An unauthenticated attacker could access other users' emails and file attachments. It was also possible to interact with mailing lists.
Use of Hard-coded Credentials