Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
server/webmail.php in IceWarp WebMail in IceWarp Mail Server before 10.3.3 allows remote attackers to read arbitrary files, and possibly send HTTP requests to intranet servers or cause a denial of service (CPU and memory consumption), via an XML external entity declaration in conjunction with an entity reference.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IceWarp Mail Server IceWarp WebMail资源管理错误漏洞
Vulnerability Description
IceWarp Web Mail(冰星网上邮件系统)是支持中日文邮件的Web Mail服务器引擎。 IceWarp Mail Server 10.3.3之前版本中IceWarp WebMail的server/webmail.php中存在漏洞。远程攻击者可借助结合实体引用的XML外部实体声明读取任意文件并且可能向Intranet服务器发送HTTP请求或者导致拒绝服务(CPU和内存破坏)。
CVSS Information
N/A
Vulnerability Type
N/A