Endpoint Vulnerability

SmarterTools SmarterMail CVE-2025-52691 Remote Code Execution Vulnerability

Description

Successful exploitation of the vulnerability could allow an unauthenticated attacker to upload arbitrary files to any location on the mail server, potentially enabling remote code execution.

Outbreak Alert

An actively targeted vulnerability has been identified in SmarterTools SmarterMail, tracked as CVE-2025-52691, with a CVSS score of 10.0 (Critical). The flaw allows unauthenticated attackers to upload arbitrary files to any location on the mail server, potentially resulting in remote code execution (RCE).

View the full Outbreak Alert Report

Affected Applications

SmarterMail

Version Updates

Date	Version	Status	Detail
2026-01-30	1.00949	New	SmarterMail

References

https://www.csa.gov.sg/alerts-and-advisories/alerts/al-2025-124/

ID	6298
Created	Jan 30, 2026
Description Updated	Jan 30, 2026
CVE ID
Tags	SmarterTools SmarterMail RCE Threat Signal
Risk
Coverage	FortiClient
OS	Windows
Vendor	SmarterTools
Patch	manual
Application	SmarterMail

Protect

Detect

Respond

Recover

Identify

Network Security

Cloud & Application Security

Endpoint Security

Security Operations

Endpoint Vulnerability

SmarterTools SmarterMail CVE-2025-52691 Remote Code Execution Vulnerability

Description

Outbreak Alert

Affected Applications

Version Updates

References

Research Center

Services

Protect

Detect

Respond

Recover

Identify

Network Security

Cloud & Application Security

Endpoint Security

Security Operations

Threat Intelligence Center

Support Center

Resource Center

About

Endpoint Vulnerability

SmarterTools SmarterMail CVE-2025-52691 Remote Code Execution Vulnerability

Description

Outbreak Alert

Affected Applications

Version Updates

References

Threat Intelligence
Center