Ptechhub
  • News
  • Industries
    • Enterprise IT
    • AI & ML
    • Cybersecurity
    • Finance
    • Telco
  • Brand Hub
    • Lifesight
  • Blogs
No Result
View All Result
  • News
  • Industries
    • Enterprise IT
    • AI & ML
    • Cybersecurity
    • Finance
    • Telco
  • Brand Hub
    • Lifesight
  • Blogs
No Result
View All Result
PtechHub
No Result
View All Result

SEPPMail Secure E-Mail Gateway Vulnerabilities Enable RCE and Mail Traffic Access

The Hacker News by The Hacker News
May 19, 2026
Home Cybersecurity
Share on FacebookShare on Twitter


Ravie LakshmananMay 19, 2026Vulnerability / Email Security

Critical security vulnerabilities have been disclosed in SEPPMail Secure E-Mail Gateway, an enterprise-grade email security solution, that could be exploited to achieve remote code execution and enable an attacker to read arbitrary mails from the virtual appliance.

“These vulnerabilities could have been exploited to read all mail traffic or as an entry vector into the internal network,” InfoGuard Labs researchers Dario Weiss, Manuel Feifel, and Olivier Becker said in a Monday report.

The list of identified flaws is as follows –

  • CVE-2026-2743 (CVSS score: 10.0) – A path traversal vulnerability in the SeppMail User Web Interface’s large file transfer (LFT) feature that could enable arbitrary file write, resulting in remote code execution.
  • CVE-2026-7864 (CVSS score: 6.9) – An exposure of sensitive system information vulnerability that leaks server environment variables through an unauthenticated endpoint in the new GINA UI.
  • CVE-2026-44125 (CVSS score: 9.3) – A missing authorization check vulnerability for multiple endpoints in the new GINA UI that allows unauthenticated remote attackers to access functionality that would otherwise require a valid session.
  • CVE-2026-44126 (CVSS score: 9.2) – A deserialization of untrusted data vulnerability that allows unauthenticated remote attackers to execute code via a crafted serialized object.
  • CVE-2026-44127 (CVSS score: 8.8) – An unauthenticated path traversal vulnerability in “/api.app/attachment/preview” that allows remote attackers to read arbitrary local files and trigger deletion of files in the targeted directory with the privileges of the “api.app” process.
  • CVE-2026-44128 (CVSS score: 9.3) – An eval injection vulnerability that allows unauthenticated remote code execution by taking advantage of the fact that the /api.app/template feature directly passes user-supplied upldd parameter into a Perl eval() statement without any sanitization.
  • CVE-2026-44129 (CVSS score: 8.3) – An improper neutralization of special elements used in a template engine vulnerability that allows remote attackers to execute arbitrary template expressions and potentially achieve remote code execution depending on the enabled template plugins.

In a hypothetical attack scenario, a threat actor could exploit CVE-2026-2743 to overwrite the system’s syslog configuration (“/etc/syslog.conf”) by making use of the “nobody” user’s write access to the file and ultimately obtain a Perl-based reverse shell. The end result is a complete takeover of the SEPPmail appliance, permitting the attacker to read all mail traffic and persist indefinitely on the gateway.

One significant hurdle that an attacker must overcome to achieve remote code execution is that syslogd re-reads the configuration only upon receiving the SIGHUP (aka “signal hang up”) signal. Syslogd is a Linux system daemon responsible for writing system messages to log files or a user’s terminal.

“The appliance uses newsyslog for log rotation (e.g., leading to logfile.0), which runs every 15 minutes via cron,” the researchers explained. “newsyslog rotates files that exceed a size limit and then automatically sends a SIGHUP to syslogd. By bloating log files like SEPPMaillog, which has a 10,000 KB limit in this case, we can force a rotation and a subsequent config reload. These can be filled by just sending web requests.”

While CVE-2026-44128 is said to have been fixed by version 15.0.2.1, CVE-2026-44126 was addressed with the release of version 15.0.3. The remaining vulnerabilities have been patched in version 15.0.4.

The disclosure comes weeks after SEPPmail shipped updates to resolve another critical flaw (CVE-2026-27441, CVSS score: 9.5) that could allow arbitrary operating system command execution.



Source link

The Hacker News

The Hacker News

Next Post
Interview: How Volvo built software for a two-and-a-half-tonne moving object | Computer Weekly

Interview: How Volvo built software for a two-and-a-half-tonne moving object | Computer Weekly

Recommended.

AI jobs resistant to recent hiring slump

AI jobs resistant to recent hiring slump

August 8, 2025
P2P Group Announces Exclusive Quantum Security Capability and Breakthrough Capabilities

P2P Group Announces Exclusive Quantum Security Capability and Breakthrough Capabilities

June 5, 2025

Trending.

AWS Vs. Google Cloud Vs. Microsoft Azure Q1 Earnings Face-Off

AWS Vs. Google Cloud Vs. Microsoft Azure Q1 Earnings Face-Off

May 1, 2026
Cloud Market Share Q1 2026: AWS, Microsoft, Google Battling In AI Era

Cloud Market Share Q1 2026: AWS, Microsoft, Google Battling In AI Era

May 4, 2026
Google’s 0 Million Partner Fund Targets AI Agent Era Channel Paradigm Shift

Google’s $750 Million Partner Fund Targets AI Agent Era Channel Paradigm Shift

April 24, 2026
AWS Solution Provider Caylent Unveils Dedicated Anthropic Claude Unit

AWS Solution Provider Caylent Unveils Dedicated Anthropic Claude Unit

April 30, 2026
Dell’s Infrastructure Blitz: Private Cloud, PowerStore Elite, PowerEdge In Spotlight At Dell Technologies World 2026

Dell’s Infrastructure Blitz: Private Cloud, PowerStore Elite, PowerEdge In Spotlight At Dell Technologies World 2026

May 19, 2026

PTechHub

A tech news platform delivering fresh perspectives, critical insights, and in-depth reporting — beyond the buzz. We cover innovation, policy, and digital culture with clarity, independence, and a sharp editorial edge.

Follow Us

Industries

  • AI & ML
  • Cybersecurity
  • Enterprise IT
  • Finance
  • Telco

Navigation

  • About
  • Advertise
  • Privacy & Policy
  • Contact

Subscribe to Our Newsletter

  • About
  • Advertise
  • Privacy & Policy
  • Contact

Copyright © 2025 | Powered By Porpholio

No Result
View All Result
  • News
  • Industries
    • Enterprise IT
    • AI & ML
    • Cybersecurity
    • Finance
    • Telco
  • Brand Hub
    • Lifesight
  • Blogs

Copyright © 2025 | Powered By Porpholio