CVE Catalog

CVE-2026-2743

Critical
Published: Translated: NVD NIST

Summary

The vulnerability allows arbitrary file write via a Path Traversal attack, potentially leading to remote code execution in the SeppMail user interface. The issue affects the large file transfer (LFT) feature.

Risk Assessment

This threat could allow an attacker to gain control over the system, posing a serious risk to the organization's security.

Recommendation

It is recommended to update to SeppMail version above 15.0.2.1 and implement additional security measures to protect against Path Traversal attacks.

Original NVD description (English source)

Arbitrary File Write via Path Traversal upload to Remote Code Execution in SeppMail User Web Interface. The affected feature is the large file transfer (LFT). This issue affects SeppMail: 15.0.2.1 and before

Vulnerability data from NVD (NIST) · CISA KEV · EPSS