Published: 15/07/2020 Updated: 22/07/2020

CVSS v2 Base Score: 6.5 | Impact Score: 6.4 | Exploitability Score: 8

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 580

Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

IceWarp Email Server 12.3.0.1 allows remote malicious users to upload JavaScript files that are dangerous for clients to access.

Vulnerable Product	Search on Vulmon	Subscribe to Product
icewarp mail server 12.3.0.1

CVE-2020-14066

CVE-2020-14066 Icewarp Email Server 12301 insecure_permissions #nvdnistgov/vuln/detail/CVE-2020-14066

CVE-2020-14066

CVE-2020-14066 Icewarp Email Server 12301 insecure_permissions #nvdnistgov/vuln/detail/CVE-2020-14066

Icewarp Email Server 12301 insecure_permissions #nvdnistgov/vuln/detail/CVE-2020-14066 Introduction : firs step: Login to account and upload malicious file via attachments menu second step: Click to download file and capture this request with burp suit third step: Send download link to victim forth step: Victim download malicious file from web server with out

CWE-434 https://github.com/networksecure/icewarp_insecure_permissions https://www.icewarp.com/download-premise/server/https://nvd.nist.gov https://github.com/pinpinsec/Icewarp-Email-Server-12.3.0.1-insecure_permissions

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2020-14066

Vulnerability Summary

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect