What is CVE-2019-7214?

CVE-2019-7214 is a vulnerability in N/a. Published 2019-04-24.

Is CVE-2019-7214 known to be exploited?

15 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2019-7214

SmarterTools SmarterMail 16.x before build 6985 allows deserialization of untrusted data. An unauthenticated attacker could run commands on the server when port 17001 was remotely accessible. This port is not accessible remotely by default…

EPSS: 0.826 (99.3th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

Drew-Alleman/CVE-2019-7214
devzspy/CVE-2019-7214
andyfeili/-CVE-2019-7214
ElusiveHacker/CVE-2019-7214
rapid7/metasploit-framework
crtvrffnrt/OSCP-Checklist-Cheatsheet2024
developer3000S/PoC-in-GitHub
hectorgie/PoC-in-GitHub
hktalent/bug-bounty
nomi-sec/PoC-in-GitHub

References

www.smartertools.com/smartermail/release-notes/current
www.nccgroup.trust/uk/our-research/technical-advisory-multiple-vulnerabilities-…
packetstormsecurity.com/files/160416/SmarterMail-6985-Remote-Code-Execution.html
packetstormsecurity.com/files/173388/SmarterTools-SmarterMail-Remote-Code-Execu…

Frequently asked questions

What is CVE-2019-7214?: CVE-2019-7214 is a vulnerability in N/a. Published 2019-04-24.
Is CVE-2019-7214 known to be exploited?: 15 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.