Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: CGI abuses --> Category: infos

IceWarp Web Mail Multiple Flaws (4) Vulnerability Scan

Vulnerability Scan Summary
Check the version of IceWarp WebMail

Detailed Explanation for this Vulnerability Test

Synopsis :

It is possible to retrieve/delete local files on the remote system through
the WebMail.

Description :

The remote host is running IceWarp Web Mail - a webmail solution
available for the Microsoft Windows platform.

The remote version of this software is vulnerable to a Directory
Traversal vulnerability that may allow a possible hacker to retrieve
arbitrary files on the system.

Another input validation flaw allows to delete arbitrary files on the
remote host.

Note : this flaw indicates IceWarp is vulnerable to cross-site
scripting attacks too.

See also :

Solution :

None at this time.

Threat Level:

High / CVSS Base Score : 9

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.