Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name	APP:MISC:ENDIAN-PRX-CMDEXEC2
Severity	Major
Recommended	Yes
Recommended Action	Drop
Category	APP
Keywords	Endian Firewall Proxy Password Change Command Execution 2
Release Date	2016/02/09
Update Number	2642
Supported Platforms	idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

HTTP: Endian Firewall Proxy Password Change Command Execution 2

This signature detects an attempt to exploit a known vulnerability against Endian Firewall Proxy application. Successful exploitation could allow an attacker to perform remote code execution.

Extended Description

Endian Firewall before 3.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) NEW_PASSWORD_1 or (2) NEW_PASSWORD_2 parameter to cgi-bin/chpasswd.cgi.

Affected Products

Endian_firewall endian_firewall 2.5.1

References

CVE: CVE-2015-5082

Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

HTTP: Endian Firewall Proxy Password Change Command Execution 2

Extended Description

Affected Products

References