Axigen WebMail PanelDetection

ID: axigen-webmail

Severity: info

Author: dhiyaneshDk,idealphase

Tags: axigen,panel

Description

An Axigen webmail panel was discovered.

YAML Source

id: axigen-webmail

info:
  name: Axigen WebMail PanelDetection
  author: dhiyaneshDk,idealphase
  severity: info
  description: An Axigen webmail panel was discovered.
  reference:
    - https://www.axigen.com/
  classification:
    cwe-id: CWE-200
    cpe: cpe:2.3:a:axigen:axigen_mail_server:*:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    shodan-query: http.title:"Axigen WebMail"
    product: axigen_mail_server
    vendor: axigen
  tags: axigen,panel

http:
  - method: GET
    path:
      - "{{BaseURL}}"

    matchers-condition: and
    matchers:
      - type: regex
        regex:
          - '(?i)(Axigen WebMail)'
          - '<title>Axigen Standard Webmail - (.*)</title>'
        condition: or

      - type: status
        status:
          - 200

    extractors:
      - type: regex
        group: 1
        part: body
        regex:
          - '<script type="text\/javascript" src="js\/lib_login\.js\?v=(.+)"><\/script>'
# digest: 490a0046304402204cb2a9313e46ad13abd1067bf9da48638914f18984c31ba1fdfcad3305fa8f46022031baa374758b3bf57f86afc6b53d44c2ec1182ed4ad14ed59148e79598a6d9d1:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

$ nuclei -u "URL" -t "http/exposed-panels/axigen-webmail.yaml"

View on Github