SERVER-WEBAPP -- Snort has detected traffic exploiting vulnerabilities in web based applications on servers.
SERVER-WEBAPP 2l2l2l2l2l2l-3-2 Cisco DDR2200 ADSL gateway command injection attempt
123
123
No public information
No known false positives
Cisco Talos Intelligence Group
Rule Categories::File::Java
Rule Categories::File::Flash
Rule Categories::File::Office
Rule Categories::File::File Type Identification
Rule Categories::File::Other
Rule Categories::File::Image
Rule Categories::File::Multimedia
Rule Categories::File::PDF
Rule Categories::File::Executable
Local File Inclusion
Local File Inclusion (LFI) attackers attempt to trick the web server into executing a file local to its own file system. The attacker might have saved the file there in another way first, or the target file could be a local executable that should not be accessible to the web server otherwise. A successful LFI can lead to data leaks or remote code execution. Avoid dynamic inclusion of user input files, or whitelist files that may be included.
CVE-2017-11588 |
Loading description
|
©2024 Cisco and/or its affiliates. Snort, the Snort and Pig logo are registered trademarks of Cisco. All rights reserved.
