Smartermail 6919 Exploit Jun 2026

The server, failing to sanitize the backupPath parameter, interprets the semicolon and initiates a new process. Because the SmarterMail service runs as SYSTEM (by default), the command executes with highest privileges.

: If you cannot update immediately, block external access to port 17001 at the network perimeter. smartermail 6919 exploit