SEPPmail Command Injection Vulnerability in Admin Portal Allowing Arbitrary Code Execution

Vulnerability

A command injection vulnerability has been identified in the SEPPmail Admin Portal, affecting versions through 12.1.17. This vulnerability allows authenticated attackers to execute arbitrary code with root privileges.

Impact

Exploitation of this vulnerability leads to unauthorized command execution as the root user.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

6.6

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

6.6

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

SEPPmail Command Injection Vulnerability in Admin Portal Allowing Arbitrary Code Execution

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating