Merge pull request #7384 from ctflearner/CVE-2010-1586

Create CVE-2010-1586.yaml
projectdiscovery · Jun 13, 2023 · 5c8a0d6 · 5c8a0d6
2 parents 888c7ad + d8e78ed
commit 5c8a0d6
Showing 1 changed file with 31 additions and 0 deletions.
diff --git a/http/cves/2010/CVE-2010-1586.yaml b/http/cves/2010/CVE-2010-1586.yaml
@@ -0,0 +1,31 @@
+id: CVE-2010-1586
+
+info:
+  name: HP System Management Homepage (SMH) v2.x.x.x - Open Redirect
+  author: ctflearner
+  severity: medium
+  description: |
+    Open redirect vulnerability in red2301.html in HP System Management Homepage (SMH) 2.x.x.x allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the RedirectUrl parameter.
+  reference:
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1586
+    - https://yehg.net/lab/pr0js/advisories/hp_system_management_homepage_url_redirection_abuse
+  classification:
+    cvss-metrics: AV:N/AC:M/Au:N/C:N/I:P/A:N
+    cvss-score: 4.3
+    cve-id: CVE-2010-1586
+    cwe-id: CWE-20
+    cpe: cpe:2.3:a:hp:system_management_homepage:2.0.0:*:*:*:*:*:*:*
+  metadata:
+    max-request: 1
+  tags: cve,cve2010,redirect,smh,hp
+
+http:
+  - method: GET
+    path:
+      - "{{BaseURL}}/red2301.html?RedirectUrl=http://interact.sh"
+
+    matchers:
+      - type: regex
+        part: header
+        regex:
+          - '(?m)^(?:Location\s*?:\s*?)(?:http?://|//)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$'