SmarterMail Fixes Critical Unauthenticated RCE Flaw with CVSS 9.3 Score

SmarterMail Fixes Critical Unauthenticated RCE Flaw with CVSS 9.3 Score

Posted on By CWS

Ravie LakshmananJan 30, 2026Vulnerability / E-mail Safety
SmarterTools has addressed two extra safety flaws in SmarterMail e-mail software program, together with one crucial safety flaw that would lead to arbitrary code execution.
The vulnerability, tracked as CVE-2026-24423, carries a CVSS rating of 9.3 out of 10.0.
“SmarterTools SmarterMail variations prior to construct 9511 include an unauthenticated distant code execution vulnerability within the ConnectToHub API methodology,” in line with an outline of the flaw in CVE.org.
“The attacker might level the SmarterMail to the malicious HTTP server, which serves the malicious OS [operating system] command. This command can be executed by the susceptible software.”
watchTowr researchers Sina Kheirkhah and Piotr Bazydlo, CODE WHITE GmbH’s Markus Wulftange, and VulnCheck’s Cale Black have been credited with discovering and reporting the vulnerability.
The safety gap has been addressed in model Construct 9511, launched on January 15, 2026. The identical construct additionally patches one other crucial flaw (CVE-2026-23760, CVSS rating: 9.3) that has since come beneath lively exploitation within the wild.

As well as, SmarterTools has shipped fixes to plug a medium-severity safety vulnerability (CVE-2026-25067, CVSS rating: 6.9) that would enable an attacker to facilitate NTLM relay assaults and unauthorized community authentication.
It has been described as a case of unauthenticated path coercion affecting the background-of-the-day preview endpoint.
“The appliance base64-decodes attacker-supplied enter and makes use of it as a filesystem path with out validation,” VulnCheck famous in an alert.
“On Home windows techniques, this enables UNC [Universal Naming Convention] paths to be resolved, inflicting the SmarterMail service to provoke outbound SMB authentication makes an attempt to attacker-controlled hosts. This may be abused for credential coercion, NTLM relay assaults, and unauthorized community authentication.”
The vulnerability has been patched in Construct 9518, launched on January 22, 2026. With two vulnerabilities in SmarterMail coming beneath lively exploitation over the previous week, it is important that customers replace to the most recent model as quickly as potential.

The Hacker News Tags:, , , , , , ,

Related Posts

SideWinder Adopts New ClickOnce-Based Attack Chain Targeting South Asian Diplomats SideWinder Adopts New ClickOnce-Based Attack Chain Targeting South Asian Diplomats The Hacker News
Fortinet Exploits, RedLine Clipjack, NTLM Crack, Copilot Attack & More Fortinet Exploits, RedLine Clipjack, NTLM Crack, Copilot Attack & More The Hacker News
Detour Dog Caught Running DNS-Powered Malware Factory for Strela Stealer Detour Dog Caught Running DNS-Powered Malware Factory for Strela Stealer The Hacker News
New Malware Campaigns Highlight Rising AI and Phishing Risks New Malware Campaigns Highlight Rising AI and Phishing Risks The Hacker News
North Korean Konni APT Targets Ukraine with Malware to track Russian Invasion Progress North Korean Konni APT Targets Ukraine with Malware to track Russian Invasion Progress The Hacker News
RubyGems, PyPI Hit by Malicious Packages Stealing Credentials, Crypto, Forcing Security Changes RubyGems, PyPI Hit by Malicious Packages Stealing Credentials, Crypto, Forcing Security Changes The Hacker News