Vulnerability
IceWarp Mail Server through 10.4.4 can easily generate local file inclusion vulnerabilities by traversing the webmail/calendar/minimizer/index.php?style directory .
Impact
Successful exploitation allows remote attackers to perform unintended actions such as information disclosure, database access, etc.
Mitigation / Precaution
Our recommendation is to update IceWarp Mail Server to the latest version as soon as possible to patch the vulnerabilities.
Written by
Summarize:
Experience the Beagle Security platform
Unlock one full penetration test and all Advanced plan features free for 14 days
