Vulnerability Description
SEPPmail Secure Email Gateway before version 15.0.2.1 allows unauthenticated remote code execution in the new GINA UI because an endpoint passes attacker-controlled input from a parameter to Perl's eval.
Related Weaknesses (CWE)
References
- https://downloads.seppmail.com/extrelnotes/150/ERN15.0.html#security
- https://labs.infoguard.ch/posts/seppmail_secure_e-mail_gateway_rce_vulnerabiliti
FAQ
What is CVE-2026-44128?
CVE-2026-44128 is a documented vulnerability. SEPPmail Secure Email Gateway before version 15.0.2.1 allows unauthenticated remote code execution in the new GINA UI because an endpoint passes attacker-controlled input from a parameter to Perl's ev...
How severe is CVE-2026-44128?
CVSS scoring is not yet available for CVE-2026-44128. Check NVD for updates.
Is there a patch for CVE-2026-44128?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.