.. / CVE-2021-36580

Exploit for IceWarp Mail Server - Open Redirect (CVE-2021-36580)

Description:

IceWarp Mail Server contains an open redirect via the referer parameter. This can lead to phishing attacks or other unintended redirects.

Nuclei Template

View the template here CVE-2021-36580.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2021/CVE-2021-36580.yaml
Copy

References:

https://nvd.nist.gov/vuln/detail/CVE-2021-36580
http://mail.ziyan.com
https://twitter.com/shifacyclewala/status/1443298941311668227
https://medium.com/%40rohitgautam26/cve-2021-36580-69219798231c
https://www.icewarp.com/
http://icewarp.com