Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-41871

SEPPmail through 12.1.17 allows command injection within the Admin Portal. An authenticated attacker is able to execute arbitrary code in the context of the user root.

Published

2025-04-28T16:15:24.853

Last Modified

2025-05-14T18:58:36.363

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 6.0 (MEDIUM)

Weaknesses

Type: Secondary
CWE-78
Type: Primary
CWE-78

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	seppmail	seppmail	≤ 12.1.17	Yes

References

https://code-white.com/public-vulnerability-list/ Third Party Advisory ([email protected])
https://www.seppmail.com/products/ Product ([email protected])