Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name	APP:MISC:NUUO-CMS-SQL-INJ
Severity	Minor
Recommended	No
Recommended Action	Drop
Category	APP
Keywords	NUUO CMS Sourceserver SQL Injection
Release Date	2020/06/02
Update Number	3286
Supported Platforms	idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

APP: NUUO CMS Sourceserver SQL Injection

This signature detects attempts to exploit a known vulnerability against NUUO CMS. A successful attack can lead to command injection and arbitrary code execution.

Extended Description

NUUO CMS All versions 3.3 and prior the web server application allows injection of arbitrary SQL characters, which can be used to inject SQL into an executing statement and allow arbitrary code execution.

Affected Products

Nuuo nuuo_cms 3.3

References

CVE: CVE-2018-18982
URL: https://ics-cert.us-cert.gov/advisories/ICSA-18-284-02
URL: https://seclists.org/fulldisclosure/2019/Jan/51

Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

APP: NUUO CMS Sourceserver SQL Injection

Extended Description

Affected Products

References