CVE-2026-44127
Vulnerability Description
SEPPmail Secure Email Gateway before version 15.0.4 contains an unauthenticated path traversal vulnerability in the identifier parameter of /api.app/attachment/preview that allows remote attackers to read arbitrary local files and trigger deletion of files in the targeted directory with the privileges of the api.app process.
Vulnerability Details
Published Date
Last Modified
CWE ID
CWE-73
Source
NVD
Vendor
SEPPmail AG
Product
Secure Email Gateway
Discussion (0)
Add Comment
No comments yet. Be the first!