CVE-2026-24423

CRITICAL KEV RANSOMWARE NUCLEI

SmarterTools SmarterMail <9511 - RCE

Description

SmarterTools SmarterMail versions prior to build 9511 contain an unauthenticated remote code execution vulnerability in the ConnectToHub API method. An attacker can point SmarterMail at a malicious HTTP server that serves a malicious OS command, which the vulnerable application then executes.

Exploits (2)

nomisec WORKING POC 7 stars
by aaddmin1122345 · poc
https://github.com/aaddmin1122345/CVE-2026-24423
nomisec WORKING POC 6 stars
by aavamin · poc
https://github.com/aavamin/CVE-2026-24423

Nuclei Templates (1)

SmarterMail - Remote Code Execution
CRITICAL VERIFIED by jyoti369
Shodan: html:"SmarterMail"

Scores

CVSS v3 9.8
EPSS 0.8027
EPSS Percentile 99.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CISA KEV 2026-02-05
VulnCheck KEV 2026-01-28
ENISA EUVD EUVD-2026-4273
Ransomware Use Confirmed
CWE CWE-306
Status published
Products (1)
smartertools/smartermail < 100.0.9511
Published Jan 23, 2026
KEV Added Feb 05, 2026
Tracked Since Feb 18, 2026