Vulnerability Description
SEPPmail Secure Email Gateway before version 15.0.4 fails to enforce authorization checks for multiple endpoints in the new GINA UI, allowing unauthenticated remote attackers to access functionality that should require a valid session.
Related Weaknesses (CWE)
References
- https://downloads.seppmail.com/extrelnotes/150/ERN15.0.html#security
- https://labs.infoguard.ch/posts/seppmail_secure_e-mail_gateway_rce_vulnerabiliti
FAQ
What is CVE-2026-44125?
CVE-2026-44125 is a documented vulnerability. SEPPmail Secure Email Gateway before version 15.0.4 fails to enforce authorization checks for multiple endpoints in the new GINA UI, allowing unauthenticated remote attackers to access functionality t...
How severe is CVE-2026-44125?
CVSS scoring is not yet available for CVE-2026-44125. Check NVD for updates.
Is there a patch for CVE-2026-44125?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.