We have identified a vulnerability in the code of the old version of the WebAdmin interface (\ICEWARP\HTML\ADMIN\OLD).
To prevent a potential exploit, please install the latest version promptly and update your user/admin passwords.
The version addresses a security vulnerability in code of the legacy WebAdmin interface, which could be carried over from older versions of IceWarp if it wasn’t correctly uninstalled (This is nonessential on recent IceWarp version).
Customers running on an older version should upgrade either to version 12.2, Deep Castle Gen 1 or Deep Castle Gen 2 to address the issue.
Scope of vulnerability:
By exploiting this vulnerability, an attacker could gain access to the filesystem in the context of the user, under which IceWarp runs.
Please contact our Support for free assistance with upgrading your IceWarp or Sales with upgrading your license to the latest version.
Latest update: the patch available for older version now.