CVE Catalog
CVE-2026-2743
CriticalSummary
The vulnerability allows arbitrary file write via a Path Traversal attack, potentially leading to remote code execution in the SeppMail user interface. The issue affects the large file transfer (LFT) feature.
Risk Assessment
This threat could allow an attacker to gain control over the system, posing a serious risk to the organization's security.
Recommendation
It is recommended to update to SeppMail version above 15.0.2.1 and implement additional security measures to protect against Path Traversal attacks.
Original NVD description (English source)
Arbitrary File Write via Path Traversal upload to Remote Code Execution in SeppMail User Web Interface. The affected feature is the large file transfer (LFT). This issue affects SeppMail: 15.0.2.1 and before

