VULHUB ™

IceWarp Web Mail is reported susceptible to a directory traversal vulnerability. This is due to the application failing to properly sanitize user-supplied input of directory traversal sequences such as '..'. This could allow remote users to gain unauthorized access to files on the computer. This would be in the context of the server, so only files that would normally be accessible to the server would be exposed. The vendor has released very few details about this vulnerability other than to state it has been addressed in IceWarp Web Mail 3.5.1 and later.

IceWarp Web Mail is reported susceptible to a directory traversal vulnerability. This is due to the application failing to properly sanitize user-supplied input of directory traversal sequences such as '..'. This could allow remote users to gain unauthorized access to files on the computer. This would be in the context of the server, so only files that would normally be accessible to the server would be exposed. The vendor has released very few details about this vulnerability other than to state it has been addressed in IceWarp Web Mail 3.5.1 and later.