smartertools 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。
公開された問題は パス処理の欠陥、vendor risk sql injection, and vendor risk file inclusion に関連することが多く、vendor surface software deployment and vendor surface production workloads の文脈で vendor impact session compromise and ファイル上書き などの暴露リスクを伴う場合があります。
掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2026-7807 | SmarterTools SmarterMail builds prior to 9560 contain a local file inclusion vulnerability in the /api/v1/report/summary/{type} API endpoint that allows authenticated users to read arbitrary .json files on the system. Attackers can exploit this vulnerability combined with weak encryption algorithms and hardcoded keys to decrypt and access stored passwords and 2FA secrets for all users. | [email protected] | 8.7 | 0.03% | 2026-05-08 | 2026-06-04 |
| CVE-2026-40514 | SmarterTools SmarterMail builds prior to 9610 contain a cryptographic weakness in the file and email sharing endpoints that use DES-CBC encryption with keys and initialization vectors derived from System.Random seeded with insufficient entropy, reducing the seed space to approximately 19,000 possible values. An unauthenticated attacker can use the attachment download endpoint as an oracle to determine the seed in use and derive encryption keys and initialization vectors to forge sharing tokens f | [email protected] | 8.2 | 0.03% | 2026-04-27 | 2026-06-04 |
| CVE-2026-25067 | SmarterTools SmarterMail versions prior to build 9518 contain an unauthenticated path coercion vulnerability in the background-of-the-day preview endpoint. The application base64-decodes attacker-supplied input and uses it as a filesystem path without validation. On Windows systems, this allows UNC paths to be resolved, causing the SmarterMail service to initiate outbound SMB authentication attempts to attacker-controlled hosts. This can be abused for credential coercion, NTLM relay attacks, an | [email protected] | 6.9 | 0.03% | 2026-01-29 | 2026-03-09 |
| CVE-2026-24423 KEV | SmarterTools SmarterMail versions prior to build 9511 contain an unauthenticated remote code execution vulnerability in the ConnectToHub API method. The attacker could point the SmarterMail to the malicious HTTP server, which serves the malicious OS command. This command will be executed by the vulnerable application. | [email protected] | 9.3 | 83.40% | 2026-01-23 | 2026-02-06 |
| CVE-2026-23760 KEV | SmarterTools SmarterMail versions prior to build 9511 contain an authentication bypass vulnerability in the password reset API. The force-reset-password endpoint permits anonymous requests and fails to verify the existing password or a reset token when resetting system administrator accounts. An unauthenticated attacker can supply a target administrator username and a new password to reset the account, resulting in full administrative compromise of the SmarterMail instance. NOTE: SmarterMail sys | [email protected] | 9.3 | 81.65% | 2026-01-22 | 2026-01-27 |
| CVE-2020-36926 | SmarterTrack 7922 contains an information disclosure vulnerability in the Chat Management search form that reveals agent identification details. Attackers can access the vulnerable /Management/Chat/frmChatSearch.aspx endpoint to retrieve agents' first and last names along with their unique identifiers. | [email protected] | 6.9 | 0.06% | 2026-01-16 | 2026-02-09 |
| CVE-2025-52691 KEV | Successful exploitation of the vulnerability could allow an unauthenticated attacker to upload arbitrary files to any location on the mail server, potentially enabling remote code execution. | 5f57b9bf-260d-4433-bf07-b6a79e9bb7d4 | 10.0 | 89.66% | 2025-12-29 | 2026-01-27 |
| CVE-2023-48116 | SmarterTools SmarterMail 8495 through 8664 before 8747 allows stored XSS via a crafted description of a Calendar appointment. | [email protected] | 5.4 | 0.17% | 2023-12-21 | 2024-11-21 |
| CVE-2023-48115 | SmarterTools SmarterMail 8495 through 8664 before 8747 allows stored DOM XSS because an XSS protection mechanism is skipped when messageHTML and messagePlainText are set in the same request. | [email protected] | 5.4 | 0.17% | 2023-12-21 | 2024-11-21 |
| CVE-2023-48114 | SmarterTools SmarterMail 8495 through 8664 before 8747 allows stored XSS by using image/svg+xml and an uploaded SVG document. This occurs because the application tries to allow youtube.com URLs, but actually allows youtube.com followed by an @ character and an attacker-controlled domain name. | [email protected] | 5.4 | 0.17% | 2023-12-21 | 2024-11-21 |
| CVE-2022-24387 | With administrator or admin privileges the application can be tricked into overwriting files in app_data/Config folder, e.g. the systemsettings.xml file. THis is possible in SmarterTrack v100.0.8019.14010 | [email protected] | 9.1 | 0.58% | 2022-03-14 | 2024-11-21 |
| CVE-2022-24386 | Stored XSS in SmarterTools SmarterTrack This issue affects: SmarterTools SmarterTrack 100.0.8019.14010. | [email protected] | 8.8 | 0.36% | 2022-03-14 | 2024-11-21 |
| CVE-2022-24385 | A Direct Object Access vulnerability in SmarterTools SmarterTrack leads to information disclosure This issue affects: SmarterTools SmarterTrack 100.0.8019.14010. | [email protected] | 6.5 | 0.28% | 2022-03-14 | 2024-11-21 |
| CVE-2022-24384 | Cross-site Scripting (XSS) vulnerability in SmarterTools SmarterTrack This issue affects: SmarterTools SmarterTrack 100.0.8019.14010. | [email protected] | 8.8 | 48.03% | 2022-03-14 | 2024-11-21 |
| CVE-2021-43977 | SmarterTools SmarterMail 16.x through 100.x before 100.0.7803 allows XSS. | [email protected] | 6.1 | 0.32% | 2021-11-17 | 2024-11-21 |
| CVE-2021-32234 | SmarterTools SmarterMail 16.x through 100.x before 100.0.7803 allows remote code execution. | [email protected] | 9.8 | 3.07% | 2021-11-17 | 2024-11-21 |
| CVE-2021-40377 | SmarterTools SmarterMail 16.x before build 7866 has stored XSS. The application fails to sanitize email content, thus allowing one to inject HTML and/or JavaScript into a page that will then be processed and stored by the application. | [email protected] | 5.4 | 0.30% | 2021-09-08 | 2024-11-21 |
| CVE-2020-29548 | An issue was discovered in SmarterTools SmarterMail through 100.0.7537. Meddler-in-the-middle attackers can pipeline commands after a POP3 STLS command, injecting plaintext commands into an encrypted user session. | [email protected] | 8.1 | 0.62% | 2021-08-17 | 2024-11-21 |
| CVE-2021-32233 | SmarterTools SmarterMail before Build 7776 allows XSS. | [email protected] | 6.1 | 0.29% | 2021-07-06 | 2024-11-21 |
| CVE-2019-7214 | SmarterTools SmarterMail 16.x before build 6985 allows deserialization of untrusted data. An unauthenticated attacker could run commands on the server when port 17001 was remotely accessible. This port is not accessible remotely by default after applying the Build 6985 patch. | [email protected] | 9.8 | 82.62% | 2019-04-24 | 2024-11-21 |