Security Flaw in Mailcow's Password Reset Feature Affects Users
CVE-2025-25198

7.1HIGH

Key Information:

Vendor: Mailcow
Status: Mailcow-dockerized
Vendor: CVE Published:; 12 February 2025

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2025-25198?

mailcow: dockerized, an open source groupware and email suite, has a vulnerability in its password reset functionality prior to version 2025-01a. This flaw allows malicious actors to modify the Host HTTP header, leading to the generation of a password reset link that redirects users to a domain controlled by the attacker. If a user clicks on this link, they could inadvertently compromise their account. Users are advised to upgrade to version 2025-01a, which contains a fix for this vulnerability. Alternatively, to mitigate risks, users can disable the password reset feature by removing values from the Notification email sender and Notification email subject in the system configuration settings.

Affected Version(s)

mailcow-dockerized < 2025-01a

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2025-25198-PoC
Created by Groppoxx

CVE-2025-25198-PoC
Created by enzocipher

References

https://github.com/mailcow/mailcow-dockerized/security/ad...

x_refsource_CONFIRM

EPSS Score

5% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

Low

Integrity:

High

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

🟡
Public PoC available
Oct 14, 2025
👾
Exploit known to exist
Oct 14, 2025
Vulnerability published
Feb 12, 2025
Vulnerability Reserved
Feb 3, 2025

CVE-2025-25198 Data

JSON