EXECUTIVE SUMMARY:
Multiple security vulnerabilities have been identified in the SEPPmail Secure Email Gateway, affecting versions before the patched releases in the 15.x branch. These vulnerabilities expose organizations to remote code execution (RCE) and potential interception of sensitive email traffic. The most critical flaw, CVE-2026-2743, affects the Large File Transfer (LFT) feature used to handle large email attachments, allowing attackers to exploit directory-traversal sequences and execute arbitrary code. Business risk and impact are significant, as successful exploitation can lead to full control over the email gateway, interception of encrypted email traffic, and access to sensitive information and internal communications. • CVE-2026-2743 with a CVSS score of 9.8 – This vulnerability allows pre-authenticated RCE via arbitrary file write in the LFT component, enabling attackers to overwrite system files and execute malicious code. • CVE-2026-44128 with a CVSS score of 9.3 – This vulnerability enables unauthenticated RCE through Perl code injection, allowing attackers to execute arbitrary commands on the system. • CVE-2026-44127 with a CVSS score of 7.5 – This vulnerability allows local file inclusion (LFI) enabling access to sensitive files and emails, which can aid further exploitation. • CVE-2026-7864 with a CVSS score of 7.5 – This vulnerability exposes sensitive environment variables without authentication, aiding further exploitation. The critical SEPPmail vulnerabilities pose a significant risk to organizations, allowing attackers to gain full control over the email gateway, intercept sensitive email traffic, and access sensitive information. Successful exploitation can lead to business disruption, financial loss, and reputational damage. Organizations must take immediate action to mitigate these vulnerabilities and protect their email infrastructure.[/subscribe_to_unlock_form]
EXECUTIVE SUMMARY:
Multiple security vulnerabilities have been identified in the SEPPmail Secure Email Gateway, affecting versions before the patched releases in the 15.x branch. These vulnerabilities expose organizations to remote code execution (RCE) and potential interception of sensitive email traffic. The most critical flaw, CVE-2026-2743, affects the Large File Transfer (LFT) feature used to handle large email attachments, allowing attackers to exploit directory-traversal sequences and execute arbitrary code. Business risk and impact are significant, as successful exploitation can lead to full control over the email gateway, interception of encrypted email traffic, and access to sensitive information and internal communications. • CVE-2026-2743 with a CVSS score of 9.8 – This vulnerability allows pre-authenticated RCE via arbitrary file write in the LFT component, enabling attackers to overwrite system files and execute malicious code. • CVE-2026-44128 with a CVSS score of 9.3 – This vulnerability enables unauthenticated RCE through Perl code injection, allowing attackers to execute arbitrary commands on the system. • CVE-2026-44127 with a CVSS score of 7.5 – This vulnerability allows local file inclusion (LFI) enabling access to sensitive files and emails, which can aid further exploitation. • CVE-2026-7864 with a CVSS score of 7.5 – This vulnerability exposes sensitive environment variables without authentication, aiding further exploitation. The critical SEPPmail vulnerabilities pose a significant risk to organizations, allowing attackers to gain full control over the email gateway, intercept sensitive email traffic, and access sensitive information. Successful exploitation can lead to business disruption, financial loss, and reputational damage. Organizations must take immediate action to mitigate these vulnerabilities and protect their email infrastructure.[emaillocker id="1283"]
RECOMMENDATION:
REFERENCES:
The following reports contain further technical details:
https://cybersecuritynews.com/seppmail-gateway-flaws/