CVE-2025-52691

CriticalKnown ExploitedRansomware

Successful exploitation of the vulnerability could allow an unauthenticated attacker to upload arbitrary files to any location on the mail…

CSA·CWE-434·Published 2025-12-29

CVSS

10.0

EPSS

0.85

KEV

Yes

Exploits

cve.orgen

190 chars

Successful exploitation of the vulnerability could allow an unauthenticated attacker to upload arbitrary files to any location on the mail server, potentially enabling remote code execution.

NVDen

190 chars

Successful exploitation of the vulnerability could allow an unauthenticated attacker to upload arbitrary files to any location on the mail server, potentially enabling remote code execution.

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	cve.org	10.0	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
3.1	Secondary	NVD	10.0	3.9	6.0	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

CVE-2025-52691

CVSS metrics across sources