Email Infrastructure Supply Chain Compromise

Email gateway compromise at hosting providers enables lateral movement to customer websites, databases, and backend systems affecting thousands of organizations simultaneously.

Cyber News & Updates

SmarterTools SmarterMail CVE-2025-52691: Unauthenticated Arbitrary File Upload Enables Remote Code Execution on Email Gateways

SmarterTools SmarterMail CVE-2025-52691 (CVSS 10.0) allows unauthenticated attackers to upload arbitrary files to mail servers without authentication, enabling immediate remote code execution. Affects Build 9406 and earlier; patched in Build…
Read more →

Peter Chofield

·

Jan 4, 2026

·

11–16 minutes

Email Infrastructure Supply Chain Compromise

SmarterTools SmarterMail CVE-2025-52691: Unauthenticated Arbitrary File Upload Enables Remote Code Execution on Email Gateways