Description
SEPPmail versions before 15.0.5 allow improper handling of attachment filenames during encrypted PDF generation. An attacker can exploit this to create new files outside the intended directory, potentially placing files in web-accessible locations.
Published: 2026-06-18
Score: 7.1 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

SEPPmail versions before 15.0.5 process attachment filenames improperly during encrypted PDF generation, allowing an attacker to write a file outside the intended output directory. The flaw can lead to malicious files being placed in publicly accessible areas, potentially enabling web-based attacks or unauthorized data exposure.

Affected Systems

The vulnerability affects all SEPPmail AG Secure Email Gateway installations running a version earlier than 15.0.5.

Risk and Exploitability

The CVSS score of 7.1 indicates a high severity, while the EPSS score below 1% suggests low current exploitation probability. The flaw is not listed in the CISA KEV catalog. Based on the description, it is inferred that attackers could target the PDF generation API remotely, creating files in web directories, which may enable further exploitation if the web server executes or serves these files.

Generated by OpenCVE AI on June 18, 2026 at 20:26 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to SEPPmail Secure Email Gateway 15.0.5 or later to eliminate the filename handling flaw
  • Configure the PDF generation service to run only within trusted internal networks or restrict access to authorized users
  • Adjust file system permissions and application settings to prevent writing outside the designated output directory and monitor logs for unexpected file creations


Advisories

No advisories yet.

History

Thu, 18 Jun 2026 16:45:00 +0000

| Type | Values Removed | Values Added |
|------|----------------|--------------|
| Description | | SEPPmail versions before 15.0.5 allow improper handling of attachment filenames during encrypted PDF generation. An attacker can exploit this to create new files outside the intended directory, potentially placing files in web-accessible locations. |
| Title | | Path traversal in PDF generation module |
| Weaknesses | | CWE-22 |
| References | | |
| Metrics | | cvssV4_0: {'score': 7.1, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:H/SA:L'}; ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'} |



MITRE

Status: PUBLISHED

Assigner: NCSC.ch

Published:

Updated: 2026-06-18T12:14:45.784Z

Reserved: 2026-05-18T08:15:54.739Z

Link: CVE-2026-8811

Vulnrichment

Updated: 2026-06-18T12:14:26.049Z

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-18T20:30:05Z

Weaknesses
  • CWE-22

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')