CVE-2020-14065

MEDIUM

IceWarp Mail Server 12.3.0.1 - Unrestricted File Upload

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2020-14065. PoCs published by networksecure, pinpinsec.

AI-analyzed exploit summary This repository contains a README describing CVE-2020-14065, an unlimited file upload vulnerability in Icewarp Email Server 12.3.0.1. No exploit code or technical details are provided.

Description

IceWarp Email Server 12.3.0.1 allows remote attackers to upload files and consume disk space.

Exploits (2)

nomisec WRITEUP 1 stars
by networksecure · poc
https://github.com/networksecure/CVE-2020-14065

This repository contains a README describing CVE-2020-14065, an unlimited file upload vulnerability in Icewarp Email Server 12.3.0.1. No exploit code or technical details are provided.

Classification
Writeup 90%
Attack Type
Other
Complexity
Trivial
Reliability
Theoretical
Target: Icewarp Email Server 12.3.0.1
No auth needed
Prerequisites: access to the vulnerable Icewarp Email Server
devstral-2 · analyzed Feb 16, 2026 Full analysis →
nomisec WRITEUP
by pinpinsec · poc
https://github.com/pinpinsec/CVE-2020-14065

This repository contains a README describing CVE-2020-14065, an unlimited file upload vulnerability in Icewarp Email Server 12.3.0.1. No exploit code or technical details are provided.

Classification
Writeup 90%
Attack Type
Other
Complexity
Trivial
Reliability
Theoretical
Target: Icewarp Email Server 12.3.0.1
No auth needed
Prerequisites: Access to the vulnerable Icewarp Email Server instance
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2
Core References
Product, Vendor Advisory x_refsource_misc
https://www.icewarp.com/download-premise/server/

Scores

CVSS v3 6.5
EPSS 0.0146
EPSS Percentile 70.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-434
Status published
Products (1)
icewarp/mail_server 12.3.0.1
Published Jul 15, 2020
Tracked Since Feb 18, 2026