CRITICALCVE-2026-2743Published Modified CNA NCSC.ch
CVE-2026-2743: SEPPmail User Web Interface Arbitrary File Write to RCE
Arbitrary File Write via Path Traversal upload to Remote Code Execution in SeppMail User Web Interface. The affected feature is the large file transfer (LFT). This issue affects SeppMail: 15.0.2.1 and before
Metrics
- CVSS v4.0
- 10.0
- Severity
- CRITICAL
- Fixed in
- —
- Affected Products
- 1
Affected packages
- SeppMail / SeppMail≤ 15.0.2.1
CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:A/AU:YReferences