Back to CVE List

CVE-2026-44127

Vulnerability Description

SEPPmail Secure Email Gateway before version 15.0.4 contains an unauthenticated path traversal vulnerability in the identifier parameter of /api.app/attachment/preview that allows remote attackers to read arbitrary local files and trigger deletion of files in the targeted directory with the privileges of the api.app process.

Vulnerability Details

Published Date
Last Modified
CWE ID
CWE-73
Source
NVD
Vendor
SEPPmail AG
Product
Secure Email Gateway

External References

Discussion (0)

Add Comment

No comments yet. Be the first!