cvedb.io
CVE-2019-7214
CRITICAL · CVSS 9.8
EPSS exploitation probability: 0%
Published 2019-04-24T15:29:02.107 · Last modified 2026-06-17T02:40:15.450

Summary

SmarterTools SmarterMail 16.x before build 6985 allows deserialization of untrusted data. An unauthenticated attacker could run commands on the server when port 17001 was remotely accessible. This port is not accessible remotely by default after applying the Build 6985 patch.

Affected products

smartertools — smartermail

Does this affect you?

Add your gear to cvedb and we'll alert you only when smartertools ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.