id: CVE-2021-36580

info:
  name: IceWarp Open Redirect
  author: DhiyaneshDk
  severity: medium
  reference:
    - https://twitter.com/shifacyclewala/status/1443298941311668227
  metadata:
    verified: true
    shodan-query: title:"icewarp"
  tags: cve,cve2021,icewarp,redirect

requests:
  - method: GET
    path:
      - "{{BaseURL}}/webmail/basic/?referer=https://interact.sh&_c=auth&ctz=120&signup_password=&_a%5bsignup%5d=1"

    matchers:
      - type: regex
        part: header
        regex:
          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$'