VMTech
+381 11 4150 20024/7 Discuss a project
← All Instagram insights VMTECH · INSTAGRAM

Critical vulnerabilities in SEPPMail: RCE and access to mail traffic

Критические уязвимости в SEPPMail: RCE и доступ к почтовому трафика

Colleagues, please note: critical vulnerabilities have been disclosed in SEPPMail Secure E‑Mail Gateway.

I reviewed InfoGuard Labs' report: several flaws allow remote code execution and arbitrary reading of mail on the device. Key issues include path traversal in LFT (CVE-2026-2743), eval injection (CVE-2026-44128) and deserialization (CVE-2026-44126).

An attacker could intercept all mail traffic and maintain persistent access via syslog configuration. The vendor released patches: 15.0.2.1, 15.0.3 and 15.0.4 — update is mandatory.

Why it matters: the mail gateway is a central control point and a possible pivot into the network.

Have you updated SEPPMail in your environment?

#cybersecurity #email #vulnerabilities #SEPPMail

Latest comments

No comments yet.