id: netsweeper-open-redirect

info:
  name: Netsweeper 4.0.9 - Open Redirection
  author: daffainfo
  severity: medium
  description: Netsweeper version 4.0.9 was vulnerable to an Unauthenticated and Authenticated Open Redirect vulnerability.
  reference:
    - https://packetstormsecurity.com/files/download/133034/netsweeper-issues.tgz
  tags: netsweeper,redirect

requests:
  - method: GET
    path:
      - "{{BaseURL}}/webadmin/authportal/bounce.php?url=https://example.com/"

    matchers:
      - type: regex
        part: header
        regex:
          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)(?:[a-zA-Z0-9\-_\.@]*)example\.com.*$'