From f99baff037d74b2d61f1deca424ba697c8c315a6 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 2 Oct 2024 13:47:07 +0400 Subject: [PATCH] Create CVE-2017-5871.yaml --- http/cves/2017/CVE-2017-5871.yaml | 42 +++++++++++++++++++++++++++++++ 1 file changed, 42 insertions(+) create mode 100644 http/cves/2017/CVE-2017-5871.yaml diff --git a/http/cves/2017/CVE-2017-5871.yaml b/http/cves/2017/CVE-2017-5871.yaml new file mode 100644 index 0000000000..660797746a --- /dev/null +++ b/http/cves/2017/CVE-2017-5871.yaml @@ -0,0 +1,42 @@ +id: CVE-2017-5871 + +info: + name: Odoo <= 8.0-20160726 & 9.0 - Open Redirect + author: 1337rokudenashi + severity: medium + description: | + An Open Redirect vulnerability in Odoo versions <= 8.0-20160726 and 9.0. This issue allows an attacker to redirect users to untrusted sites via a crafted URL. + impact: | + Successful exploitation can redirect users to malicious sites, potentially leading to phishing attacks or information theft. + remediation: | + Update Odoo to the latest patched version provided by the vendor. + reference: + - https://sysdream.com/cve-2017-5871-odoo-url-redirection-to/ + - https://nvd.nist.gov/vuln/detail/CVE-2017-5871 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N + cvss-score: 5.4 + cve-id: CVE-2017-5871 + cwe-id: CWE-601 + cpe: cpe:2.3:a:odoo:odoo:8.0:*:*:*:*:*:*:* + metadata: + verified: true + max-request: 1 + shodan-query: title:"Odoo" + product: odoo + vendor: odoo + tags: cve2017,cve,odoo,redirect + +http: + - method: GET + path: + - "{{BaseURL}}/web/session/logout?redirect=https://oast.me" + - "{{BaseURL}}/web/session/logout?redirect=https%3a%2f%2foast.me%2f" + - "{{BaseURL}}/web/dbredirect?redirect=https%3a%2f%2foast.me%2f" + + stop-at-first-match: true + matchers: + - type: regex + part: header + regex: + - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)oast\.me.*$'