SEPPmail Secure Email Gateway OS Command Execution Vulnerability via PDF Password Handling

Vulnerability

A vulnerability in SEPPmail Secure Email Gateway versions prior to 15.0.1 allows OS command execution. The issue arises from the application's improper handling of PDF encryption passwords, which can be exploited to execute commands on the operating system.

Impact

Exploitation of this vulnerability could allow an attacker to execute arbitrary OS commands without authorization, with the privileges of the user running the SEPPmail application.

Remediation

Users can update to SEPPmail Secure Email Gateway version 15.0.1 or later, where this vulnerability has been addressed.

Added: Mar 4, 2026, 9:21 AM
Updated: Mar 4, 2026, 9:21 AM

Vulnerability Rating

Custom Algorithm

spread: 2.2
impact: 7.5
exploitability: 6.8
remediation: 7.7
relevance: 3.5
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.