- Description: IceWarp14 X-File-Operation Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IceWarp. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the X-File-Operation header. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-27394.
- Source: zdi-disclosures@trendmicro.com
- NVD status: Awaiting Analysis
CVSS 3.0
- Type: Secondary
- Base score: 9.8
- Impact score: 5.9
- Exploitability score: 3.9
- Vector string: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity: CRITICAL
- zdi-disclosures@trendmicro.com: CWE-78
- Hype score: Not currently trending
Over 1,200 IceWarp servers still vulnerable to unauthenticated RCE flaw (CVE-2025-14500) https://t.co/zGfQYssgzw
@lcopelandjr
6 Mar 2026
Over 1,200 IceWarp servers still vulnerable to unauthenticated RCE flaw (CVE-2025-14500) https://t.co/d3dIQB0e4v
@bteater51
5 Mar 2026
Over 1,200 IceWarp servers remain exposed to CVE-2025-14500, an unauthenticated RCE flaw. EU-heavy install base makes this a quiet but serious exposure. If your org uses IceWarp for email or collaboration, verify your patch status today.
@OscarOPS
5 Mar 2026
Over 1,200 #IceWarp #servers still vulnerable to unauthenticated RCE flaw (#CVE-2025-14500) https://t.co/fMzqoINsV2
@ScyScan
5 Mar 2026
More than 1,200 IceWarp servers remain vulnerable to an unauthenticated remote code execution vulnerability (CVE-2025-14500) Over 1,200 IceWarp servers still vulnerable to unauthenticated RCE flaw (CVE-2025-14500) #HelpNetSecurity (Mar 4
@foxbook
5 Mar 2026
Over 1,200 IceWarp servers still vulnerable to unauthenticated RCE flaw (CVE-2025-14500) https://t.co/t9qsi23l7B
@Whitehead4Jeff
4 Mar 2026
More than 1200 IceWarp servers remain vulnerable to the unauthenticated RCE flaw (CVE-2025-14500). The flaw lets attackers take full control of mail servers. If you use IceWarp, update to version 13.0.4 immediately! #ciberseguridad https://t.co/W8FDaJ7
@EHCGroup
4 Mar 2026
Over 1,200 IceWarp servers still vulnerable to unauthenticated RCE flaw (CVE-2025-14500) https://t.co/oDDijNB9yL #HelpNetSecurity #Cybersecurity https://t.co/owMfvGS6a5
@PoseidonTPA
4 Mar 2026
Over 1,200 IceWarp servers still vulnerable to unauthenticated RCE flaw (CVE-2025-14500) https://t.co/VRRkU0LQkD
@TheCyberSecHub
4 Mar 2026
🚨 Over 1,200 IceWarp Servers Still Exposed to Pre-Auth RCE Flaw (CVE-2025-14500) A critical unauthenticated OS command injection in IceWarp’s handling of the `X-File-Operation` HTTP header (CVE-2025-14500) allows remote attackers to run arbitrary commands as SYSTEM/root on
@ThreatSynop
4 Mar 2026
Over 1,200 IceWarp servers still vulnerable to unauthenticated RCE flaw (CVE-2025-14500): A critical RCE vulnerability (CVE-2025-14500) in IceWarp, an EU-made business communication and collaboration platform, may be exploited by attackers to gain… https://t.co/syADwXJYhk https
@shah_sheikh
4 Mar 2026
Over 1,200 #IceWarp servers still vulnerable to unauthenticated RCE flaw (#CVE-2025-14500) https://t.co/kvYCHyZZVy https://t.co/V26QLUDT1m
@evanderburg
4 Mar 2026
Top 5 Trending CVEs: 1 - CVE-2026-21513 2 - CVE-2025-14500 3 - CVE-2026-21236 4 - CVE-2026-2441 5 - CVE-2026-3223 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
3 Mar 2026
We are scanning & reporting IceWarp CVE-2025-14500 (CVSS 9.8, pre-auth command injection RCE) instances. 1278 IPs seen 2026-03-01 (version based check). Patch info: https://t.co/YV3Vx4eb2S IP data in https://t.co/qxv0Gv5ELc Dashboard World Map view: https://t.co/ovUiL5AY3
@Shadowserver
2 Mar 2026
Warning: Critical OS Command Injection vulnerability in #IceWarp. #CVE-2025-14500 (CVSS: 9.8). Unauthenticated attackers can achieve complete system compromise #RCE #Patch #Patch #Patch More info: https://t.co/Tus9dx7VH1
@CCBalert
20 Feb 2026
🔴 CVE-2025-14500 - Critical IceWarp14 X-File-Operation Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IceWarp... https://t.co/HfM2lQPFxe https://t.co/1g41edp6j5
@TheHackerWire
23 Dec 2025