SMTP Smuggling – A Quick Summary
SEC Consult researchers showed that some software allows a bad actor to inject a specially crafted email message concealing a second message hidden inside the body of the original message. This passes into the inbound SMTP server, which interprets the text as a separate second message. The attack relies on incorrect handling of the <CR><LF>.<CR><LF> sequence of…
Read More