Seppmail Vulnerabilities

This vulnerability allows an attacker to upload malicious files to a server, potentially leading to remote control of the system. It affects the large file transfer feature in SeppMail versions 15.0.2.1 and earlier, and requires the attacker to have access to the user web interface.

This vulnerability allows an attacker to spoof email signatures, making it look like an email comes from a trusted source. It occurs when the SEPPmail Secure Email Gateway improperly handles S/MIME certificates for email addresses that include spaces, which means attackers can exploit this flaw if they can create such certificates.

This vulnerability allows an attacker to potentially access sensitive information in decrypted inline PGP messages because the system does not properly separate these messages from unencrypted content. For this to happen, the attacker must be able to send or manipulate emails that reach the SEPPmail Secure Email Gateway before version 15.0.1.

This vulnerability allows an attacker to send forged emails that appear legitimate, as the email gateway fails to properly show whether the PGP signatures are valid. Users must be using SEPPmail Secure Email Gateway versions before 15.0.1 for this issue to affect them.

This vulnerability allows an attacker to create fake email signatures that appear to come from trusted sources, potentially tricking recipients into believing the messages are legitimate. It affects versions of the SEPPmail Secure Email Gateway before 15.0.1 and occurs because the system fails to properly check if the signature is from the correct key.

This vulnerability allows an attacker to spoof the sender's email address or decrypt emails by exploiting how the SEPPmail Secure Email Gateway handles email headers. It affects versions before 15.0.1, meaning users running older versions are at risk if they receive emails that take advantage of this flaw.

This vulnerability allows an attacker to manipulate trusted email headers in SEPPmail Secure Email Gateway, potentially leading to phishing attacks or other malicious activities. It affects versions prior to 15.0.1 and requires the attacker to send specially crafted S/MIME protected emails to exploit the flaw.

This vulnerability allows an attacker to access files stored on the SEPPmail Secure Email Gateway by exploiting a flaw in how attachment filenames are checked in encrypted emails. It affects versions before 15.0.1, meaning any system running an older version is at risk if it processes GINA-encrypted emails.

This vulnerability allows an attacker to execute commands on the operating system by exploiting a flaw in the way the SEPPmail Secure Email Gateway handles PDF encryption passwords. To take advantage of this, the attacker needs to send a specially crafted PDF file to the system.