


Perceptive Security
SOC/SIEM Consultancy

SmarterTools SmarterMail contains an authentication bypass using an alternate path or channel vulnerability in the password reset API. The force-reset-password …
Published: 26 January 2026 at 00:00:00
Alert date: 26 January 2026 at 21:02:17
Source: cisa.gov
Enterprise Applications, Email & Messaging, Identity & Access
SmarterTools SmarterMail contains a critical authentication bypass vulnerability in its password reset API. The force-reset-password endpoint accepts anonymous requests and fails to verify existing passwords or reset tokens when resetting system administrator accounts. An unauthenticated attacker can supply a target administrator username and new password to reset the account, leading to full administrative compromise of the SmarterMail instance. This vulnerability allows complete takeover of email server infrastructure without any authentication.
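The pattern described above (an anonymous POST to the force-reset-password endpoint that succeeds without a token or current password) is something a SOC can hunt for in web-server access logs. The following is an added detection sketch, not code from the advisory or from SmarterTools; it assumes an IIS/W3C extended log with the fields date, time, c-ip, cs-method, cs-uri-stem, cs-username and sc-status, and assumes the endpoint path contains "force-reset-password". The log lines and addresses are constructed for illustration.

```python
"""Detection sketch: flag anonymous calls to a force-reset-password endpoint
in W3C extended access logs (assumed format; not from the advisory)."""
from dataclasses import dataclass

# Constructed sample log; the paths, users and addresses are illustrative only.
SAMPLE_LOG = """\
#Fields: date time c-ip cs-method cs-uri-stem cs-username sc-status
2026-01-26 08:14:02 10.0.0.5 GET /interface/root admin@example.test 200
2026-01-26 08:15:40 203.0.113.7 POST /api/v1/auth/force-reset-password - 200
2026-01-26 08:15:41 203.0.113.7 POST /api/v1/auth/login - 200
2026-01-26 09:02:10 10.0.0.5 POST /api/v1/auth/force-reset-password admin@example.test 200
2026-01-26 09:30:00 198.51.100.9 POST /api/v1/auth/force-reset-password - 403
"""

@dataclass
class Finding:
    when: str       # "date time" of the request
    client: str     # c-ip
    status: int     # sc-status
    severity: str   # "high" if the reset likely succeeded, else "medium"

def parse_w3c(text):
    """Yield one dict per record, naming columns from the #Fields header."""
    fields = None
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#") and fields:
            yield dict(zip(fields, line.split()))

def detect_anonymous_reset(text, endpoint_hint="force-reset-password"):
    """Return findings for POSTs to the reset endpoint with no authenticated
    user (cs-username == "-"). A 2xx response means the reset most likely
    went through; anything else is logged as an attempt. Authenticated
    calls are not flagged here and belong in normal admin-activity review."""
    findings = []
    for rec in parse_w3c(text):
        if rec["cs-method"] != "POST" or endpoint_hint not in rec["cs-uri-stem"]:
            continue
        if rec["cs-username"] != "-":
            continue  # request carried an identity; not the anonymous pattern
        status = int(rec["sc-status"])
        sev = "high" if 200 <= status < 300 else "medium"
        findings.append(Finding(f'{rec["date"]} {rec["time"]}', rec["c-ip"], status, sev))
    return findings

if __name__ == "__main__":
    for f in detect_anonymous_reset(SAMPLE_LOG):
        print(f)
```

A successful anonymous reset followed shortly by a login from the same client, as in the sample, is the sequence worth correlating with subsequent administrator-session activity.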
Technical details
Mitigation steps:
Affected products:
SmarterTools SmarterMail
Related links:
https://nvd.nist.gov/vuln/detail/CVE-2026-23760
https://www.smartertools.com/smartermail/release-notes/current
Related CVEs:
Related threat actors:
IOCs:
This article was created with the assistance of AI technology by Perceptive.
