Summary
IceWarp patched a critical unauthenticated remote code execution vulnerability (CVE-2025-14500) that allows attackers to run commands with system privileges via a malicious HTTP header. Over 1,200 servers remain exposed, posing a significant risk to corporate communication data and internal network security.
Take Action:
If you are using IceWarp, this is important. Unauthenticated attackers can take full control of your entire mail server without needing a password. Apply the latest IceWarp security updates to close this vulnerability. If possible, isolate the platform from the internet.
Read the full article on BeyondMachines
This article was originally published on BeyondMachines
Top comments (0)