CVE-2023-40779

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Sep 14, 2023

Updated: Nov 7, 2023

CWE ID 601

Summary

CVE-2023-40779 is a newly discovered vulnerability affecting IceWarp Mail Server Deep Castle version 13.0.1.2. An attacker can exploit this issue by sending a specially crafted request to the server's URL, resulting in the execution of arbitrary code. This vulnerability poses a significant risk, as it allows remote attackers to gain unauthorized access and potentially take control of affected systems. Organizations using the IceWarp Mail Server should apply the necessary patches as soon as possible to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

IceWarp

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sbM2D7
https://www.cve.org/CVERecord?id=CVE-2023-40779
https://nvd.nist.gov/vuln/detail/CVE-2023-40779

Back to Vulnerability Database

CVE-2023-40779

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations