Vulnerability
IceWarp Mail Server through 10.4.4 can easily generate local file inclusion vulnerabilities by traversing the webmail/calendar/minimizer/index.php?style directory .
Impact
Successful exploitation allows remote attackers to perform unintended actions such as information disclosure, database access, etc.
Mitigation / Precaution
Our recommendation is to update IceWarp Mail Server to the latest version as soon as possible to patch the vulnerabilities.
Written by
Experience the Beagle Security platform
Unlock one full penetration test and all Advanced plan features free for 10 days
