tonykuo76/Openfind MAIL2000 Webmail Pre-Auth Open Redirect.md Secret

## Openfind MAIL2000 Webmail Pre-Auth Open Redirect.md

      
    Raw
  

              Openfind MAIL2000 Webmail Pre-Auth Open Redirect.md
            
          
    Openfind MAIL2000 Webmail Pre-Auth Open Redirect

Current Description

An Open Redirect vulnerability for all browsers in MAIL2000 through version 6.0 and 7.0, which will redirect to a malicious site without authentication.
This vulnerability affects many mail system of governments, organizations, companies and universities.
Details

The injection point is ACTION parameter in "/cgi-bin/go".
We execute arbitrary code via ACTION paramemer without authentication.

Description

It could allow an unauthenticated, remote attacker to redirect a user to a malicious web page.
Affected files

http://[Target Domain]/cgi-bin/go
Contributor


Tony Kuo (CHT Security)
Vtim (CHT Security)