CVE-2021-27180 PoC — MDaemon Technologies WorldClient 跨站脚本漏洞

Source

https://github.com/chudyPB/MDaemon-Advisories

Associated Vulnerability

Title:MDaemon Technologies WorldClient 跨站脚本漏洞 (CVE-2021-27180)
Description:MDaemon Technologies WorldClient是MDaemon Technologies公司的一个应用软件。一个电子邮件系统。 WorldClient 20.0.4之前版本存在安全漏洞，该漏洞允许使用被攻击用户的特权执行任何操作。

Description

MDaemon Advisories - CVE-2021-27180, CVE-2021-27181, CVE-2021-27182, CVE-2021-27183

Readme

# MDaemon-Advisories
MDaemon Advisories:

- CVE-2021-27180 (Reflected XSS)

- CVE-2021-27181 (CSRF Token Fixation)

- CVE-2021-27182 (Iframe injection)

- CVE-2021-27183 (Remote Code Execution)

Those vulnerabilities were already patched on January 2021 and are published for CVE purposes. They can be chained to achieve RCE/Account Takeover over email message (user interaction required).

Timeline:

15-Dec-2020: Vulnerabilities reports sent to the vendor

12-Jan-2021: Patch published

Patch notes:

https://www.altn.com/Support/SecurityUpdate/MD011221_MDaemon_EN/

Thank you MDaemon Technologies for quick fixes and good cooperation. :)

File Snapshot


 [4.0K]  /data/pocs/70cc795c32820a9d1c4d20dcfa92bc25cc4a278c
├── [205K]  CVE-2021-27180.pdf
├── [152K]  CVE-2021-27181.pdf
├── [229K]  CVE-2021-27182.pdf
├── [213K]  CVE-2021-27183.pdf
├── [632K]  demo-mdaemon.mp4
└── [ 641]  README.md

0 directories, 6 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!