CVE-2025-14500 | IceWarp X-File-Operation command injection (ZDI-25-1072)

December 11, 2025 Yanac

A vulnerability was found in IceWarp and classified as critical. This impacts an unknown function of the component X-File-Operation Handler. The manipulation results in command injection.

This vulnerability is known as CVE-2025-14500. It is possible to launch the attack remotely. No exploit is available.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More

CVE-2025-14514 | Campcodes Supplier Management System 1.0 add_distributor.php txtDistributorAddress sql injection
CVE-2025-14499 | IceWarp gmaps cross site scripting (ZDI-25-1071)