Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
APP:MISC:CLOUDME-RCE |
|---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
APP |
Keywords |
CloudMe CVE-2018-6892 Remote Code Execution |
Release Date |
2019/03/22 |
Update Number |
3156 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
APP: CloudMe CVE-2018-6892 Remote Code Execution
This signature detects attempts to exploit a known vulnerability against CloudMe. A successful attack can lead to arbitrary code execution.
Extended Description
An issue was discovered in CloudMe before 1.11.0. An unauthenticated remote attacker that can connect to the "CloudMe Sync" client application listening on port 8888 can send a malicious payload causing a buffer overflow condition. This will result in an attacker controlling the program's execution flow and allowing arbitrary code execution.
Affected Products
- Cloudme sync 1.10.9
References
- CVE: CVE-2018-6892