Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

IceWarp - Open Redirect

By kannthu

Vidoc logoVidoc Module

IceWarp - Open Redirect

What is the "IceWarp - Open Redirect?"

The "IceWarp - Open Redirect" module is designed to detect open redirect vulnerabilities in IceWarp, a specific software. Open redirect vulnerabilities allow attackers to redirect users to malicious websites, potentially leading to the disclosure of sensitive information, data modification, or other security risks. This module has a medium severity level and was authored by uomogrande.


An open redirect vulnerability in IceWarp can have serious consequences. Attackers can exploit this vulnerability to trick users into visiting malicious websites, which can result in the compromise of sensitive information, unauthorized data modification, or other malicious activities.

How the module works?

The "IceWarp - Open Redirect" module works by sending HTTP requests to the target system and then applying matching conditions to identify open redirect vulnerabilities. The module checks for specific headers and uses regular expressions to detect URLs that can be manipulated to redirect users to unauthorized or malicious websites.

Here is an example of an HTTP request used by the module:

GET /// HTTP/1.1

The module applies the following matching conditions:

- The presence of the "IceWarp" header - A regular expression that matches URLs with the pattern "" and allows for potential redirection

If both matching conditions are met, the module identifies the presence of an open redirect vulnerability in IceWarp.

Module preview

Concurrent Requests (1)
1. HTTP Request template
Raw request
Matching conditions
word: IceWarpand
regex: (?m)^(?:Location\s*?:\s*?)(?:https?:\/\/...
Passive global matcher
No matching conditions.
On match action
Report vulnerability