SmarterMail 6919 Exploit

Attackers could send serialized .NET commands via a TCP socket connection to port 17001.

POST /interface/Download.aspx?file=../../../Windows/Temp/shell.aspx HTTP/1.1
Host: targetmailserver.com
Content-Type: application/x-www-form-urlencoded

The root cause was improper sanitization of user-supplied input. The server trusted a parameter in the request, allowing an attacker to "break out" of intended directories and write or execute a file anywhere on the system that the SmarterMail service had permissions to access.
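
The check the server skipped can also be run over request logs. The following is an added example, not code from the original page or from SmarterMail: it resolves the `file` parameter of the request shown above with Windows path rules and flags values that leave the intended directory. `BASE_DIR`, the function names and every sample line except the page's own request are assumptions.

```python
import ntpath
from urllib.parse import urlsplit, parse_qs, unquote

BASE_DIR = r"C:\SmarterMail\Downloads"   # assumed download root, not from the page
MAX_DECODE_ROUNDS = 3

def escapes_base(value, base=BASE_DIR):
    """True if `value`, joined to `base` with Windows path rules, leaves `base`."""
    for _ in range(MAX_DECODE_ROUNDS):        # peel nested percent-encoding
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    # join() discards `base` when value is absolute; normpath() collapses ".."
    target = ntpath.normcase(ntpath.normpath(ntpath.join(base, value)))
    root = ntpath.normcase(ntpath.normpath(base))
    # Compare on a separator boundary so "Downloads2" is not taken for "Downloads".
    return not (target == root or target.startswith(root + "\\"))

def flag_requests(request_lines, endpoint="/interface/Download.aspx"):
    """Return the request lines whose `file` parameter resolves outside BASE_DIR."""
    flagged = []
    for line in request_lines:
        parts = line.split()
        if len(parts) < 2:
            continue
        url = urlsplit(parts[1])
        if url.path.lower() != endpoint.lower():
            continue
        # parse_qs performs the first round of percent-decoding
        for value in parse_qs(url.query).get("file", []):
            if escapes_base(value):
                flagged.append(line)
                break
    return flagged

# Constructed sample request lines; only the second one comes from the page.
SAMPLE = [
    "GET /interface/Download.aspx?file=reports/2019/summary.pdf HTTP/1.1",
    "POST /interface/Download.aspx?file=../../../Windows/Temp/shell.aspx HTTP/1.1",
    "GET /interface/Download.aspx?file=%252e%252e%252fweb.config HTTP/1.1",
    "GET /interface/Download.aspx?file=..%5CDownloads2%5Cnotes.txt HTTP/1.1",
    "GET /interface/Login.aspx?file=../x HTTP/1.1",
]

if __name__ == "__main__":
    for hit in flag_requests(SAMPLE):
        print("traversal:", hit)
```

The same resolve-then-compare test, applied server-side before the file is opened, is what keeps a request parameter inside its intended directory.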