Smartermail 6919 Exploit Info

SmarterTools has released a patch to address this vulnerability. Immediate action is required.

Attackers could send serialized .NET commands via a TCP socket connection to port 170010;324;. smartermail 6919 exploit

Attackers can send maliciously crafted serialized commands to these endpoints. If successful, the server executes these commands under the NT AUTHORITY\SYSTEM account, the highest privilege level on Windows. Affected Versions: Build 6919 and other versions prior to Build 6985. How the Exploit Works SmarterTools has released a patch to address this

Technical Advisory: Multiple Vulnerabilities in SmarterMail - Fox IT smartermail 6919 exploit

A dedicated exploit module is available in the Metasploit Framework to automate this attack. : exploit/windows/http/smartermail_rce Key Settings : RHOSTS : Target server IP. RPORT : 17001 (default). PAYLOAD : Typically a Windows meterpreter shell. 🔧 Remediation