The vulnerability in IceWarp is a directory traversal flaw that occurs when the application processes the ticket parameter on the collaboration endpoint. Because the system does not properly validate a user‑supplied path before performing file operations, an attacker can provide a crafted request that causes the service to read files outside the intended directory. This can expose sensitive information, potentially including files that are normally visible only to the root user. The weakness is a classic Directory Traversal (CWE‑22) that results in a confidentiality compromise without requiring authentication.

Affected systems are installations of IceWarp collaboration software as listed in the CNA’s vendor/product reference (IceWarp:IceWarp). No specific version range is provided in the advisory; therefore, all deployments that rely on the collaboration endpoint are potentially vulnerable until an official patch is released.

The vulnerability carries a high severity CVSS score of 7.5 and an EPSS probability of 15%, indicating a relatively high likelihood of exploitation. It is not yet reported in the CISA KEV catalog. The likely attack vector is remote, via the collaboration endpoint that is normally accessed over HTTP or HTTPS; this is inferred from the nature of the endpoint and typical web service interactions. The flaw can be exploited without authentication by sending a specially crafted ticket parameter, allowing the attacker to read arbitrary files that may contain privileged data. A zero‑day reference (ZDI‑CAN‑25440) confirms the exploitability of the vulnerability.