This vulnerability is a buffer overflow in the MAIL FROM SMTP command of Tabs Mail Carrier 2.5.1. Remote unauthenticated attackers can send a crafted oversized MAIL FROM parameter to the running SMTP service to trigger the flaw. Successful exploitation allows attackers to execute arbitrary code on the affected mail server.
Remediation
Tabs Mail Carrier 2.5.1 is an unsupported legacy product. Organizations should migrate to a actively maintained alternative mail server solution. If replacement is not immediately possible, restrict public access to port 25 for the affected system.
TopVuln sends digest emails with high-risk CVE picks across multiple authoritative sources—curated with EPSS and AI. Choose daily per-stream emails and optional weekly or monthly roundups.