nuclei-templates/http/cves/2015/CVE-2015-2863.yaml

36 lines
1.3 KiB
YAML

id: CVE-2015-2863
info:
name: Kaseya Virtual System Administrator - Open Redirect
author: 0x_Akoko
severity: medium
description: |
Kaseya Virtual System Administrator 7.x before 7.0.0.29, 8.x before 8.0.0.18, 9.0 before 9.0.0.14, and 9.1 before 9.1.0.4 are susceptible to an open redirect vulnerability. An attacker can redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
reference:
- https://github.com/pedrib/PoC/blob/3f927b957b86a91ce65b017c4b9c93d05e241592/advisories/Kaseya/kaseya-vsa-vuln.txt
- http://www.kb.cert.org/vuls/id/919604
- https://nvd.nist.gov/vuln/detail/CVE-2015-2863
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
cve-id: CVE-2015-2863
cwe-id: CWE-601
tags: cve,cve2015,redirect,kaseya
metadata:
max-request: 2
http:
- method: GET
path:
- '{{BaseURL}}/inc/supportLoad.asp?urlToLoad=http://oast.me'
- '{{BaseURL}}/vsaPres/Web20/core/LocalProxy.ashx?url=http://oast.me'
stop-at-first-match: true
matchers:
- type: regex
part: header
regex:
- '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)oast\.me\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
# Enhanced by md on 2023/03/21