Critical Zero-Click RCE Vulnerability in FreeScout Helpdesk Platform

First reported

04.03.2026 23:51

Last updated

1 unique sources, 1 articles

Summary

Hide ▲

A critical zero-click remote code execution (RCE) vulnerability (CVE-2026-28289) in FreeScout helpdesk platform allows attackers to hijack mail servers by sending a crafted email. The flaw bypasses a previous fix for another RCE issue (CVE-2026-27636) and enables unauthenticated command execution on the server. FreeScout versions up to 1.8.206 are affected, and immediate patching to version 1.8.207 is recommended. The vulnerability leverages a zero-width space (Unicode U+200B) to bypass security checks, allowing malicious file uploads and subsequent exploitation. Over 1,100 publicly exposed FreeScout instances are at risk, with potential impacts including full server compromise, data breaches, and lateral movement.

Timeline

04.03.2026 23:51 1 articles · 2h ago

Critical Zero-Click RCE Vulnerability in FreeScout Helpdesk Platform
A critical zero-click remote code execution (RCE) vulnerability (CVE-2026-28289) in FreeScout helpdesk platform allows attackers to hijack mail servers by sending a crafted email. The flaw bypasses a previous fix for another RCE issue (CVE-2026-27636) and enables unauthenticated command execution on the server. FreeScout versions up to 1.8.206 are affected, and immediate patching to version 1.8.207 is recommended. The vulnerability leverages a zero-width space (Unicode U+200B) to bypass security checks, allowing malicious file uploads and subsequent exploitation. Over 1,100 publicly exposed FreeScout instances are at risk, with potential impacts including full server compromise, data breaches, and lateral movement.
Show sources

Mail2Shell zero-click attack lets hackers hijack FreeScout mail servers — www.bleepingcomputer.com — 04.03.2026 23:51
Open in new tab

Information Snippets

CVE-2026-28289 is a zero-click remote code execution vulnerability in FreeScout helpdesk platform.
First reported: 04.03.2026 23:51

1 source, 1 article
Show sources
- Mail2Shell zero-click attack lets hackers hijack FreeScout mail servers — www.bleepingcomputer.com — 04.03.2026 23:51
The flaw bypasses a previous fix for CVE-2026-27636, which required authentication.
First reported: 04.03.2026 23:51

1 source, 1 article
Show sources
- Mail2Shell zero-click attack lets hackers hijack FreeScout mail servers — www.bleepingcomputer.com — 04.03.2026 23:51
Attackers can exploit the vulnerability by sending a crafted email to a FreeScout mailbox.
First reported: 04.03.2026 23:51

1 source, 1 article
Show sources
- Mail2Shell zero-click attack lets hackers hijack FreeScout mail servers — www.bleepingcomputer.com — 04.03.2026 23:51
The vulnerability leverages a zero-width space (Unicode U+200B) to bypass security checks.
First reported: 04.03.2026 23:51

1 source, 1 article
Show sources
- Mail2Shell zero-click attack lets hackers hijack FreeScout mail servers — www.bleepingcomputer.com — 04.03.2026 23:51
FreeScout versions up to 1.8.206 are affected, with a patch available in version 1.8.207.
First reported: 04.03.2026 23:51

1 source, 1 article
Show sources
- Mail2Shell zero-click attack lets hackers hijack FreeScout mail servers — www.bleepingcomputer.com — 04.03.2026 23:51
Over 1,100 publicly exposed FreeScout instances are at risk.
First reported: 04.03.2026 23:51

1 source, 1 article
Show sources
- Mail2Shell zero-click attack lets hackers hijack FreeScout mail servers — www.bleepingcomputer.com — 04.03.2026 23:51
Successful exploitation can result in full server compromise, data breaches, and lateral movement.
First reported: 04.03.2026 23:51

1 source, 1 article
Show sources
- Mail2Shell zero-click attack lets hackers hijack FreeScout mail servers — www.bleepingcomputer.com — 04.03.2026 23:51
No active exploitation of CVE-2026-28289 has been observed in the wild as of the report.
First reported: 04.03.2026 23:51

1 source, 1 article
Show sources
- Mail2Shell zero-click attack lets hackers hijack FreeScout mail servers — www.bleepingcomputer.com — 04.03.2026 23:51