CVE-2025-52691 SmarterMail Arbitrary File Upload RCE

Arbitrary file upload enabling unauthenticated remote code execution on SmarterMail email gateways without authentication, affecting all customer data and backend infrastructure.

1 intelligence brief← Intelligence Hub

SmarterTools SmarterMail CVE-2025-52691: Unauthenticated Arbitrary File Upload Enables Remote Code Execution on Email Gateways

SmarterTools SmarterMail CVE-2025-52691 (CVSS 10.0) allows unauthenticated attackers to upload arbitrary files to mail servers without authentication, enabling immediate remote code execution. Affects Build 9406 and earlier; patched in Build 9413 (Oct 9, 2025). Used by web hosting providers ASPnix, Hostek, simplehosting.ch managing thousands of customer domains.

Peter Chofield

Jan 4, 2026

11–16 minutes

CVE-2025-52691 SmarterMail Arbitrary File Upload RCE

SmarterTools SmarterMail CVE-2025-52691: Unauthenticated Arbitrary File Upload Enables Remote Code Execution on Email Gateways