Back to CVE List

CVE-2026-24423

Vulnerability Description

SmarterTools SmarterMail versions prior to build 9511 contain an unauthenticated remote code execution vulnerability in the ConnectToHub API method. The attacker could point the SmarterMail to the malicious HTTP server, which serves the malicious OS command. This command will be executed by the vulnerable application.

Vulnerability Details

Published Date
Last Modified
CWE ID
CWE-306
Source
NVD
Vendor
SmarterTools
Product
SmarterMail

External References

Discussion (0)

Add Comment

No comments yet. Be the first!