Short Name |
HTTP:CTS:NTOP-NG-PRIV-ESC |
---|---|
Severity |
Minor |
Recommended |
No |
Category |
HTTP |
Keywords |
Ntop-ng Privilege Escalation |
Release Date |
2020/02/04 |
Update Number |
3251 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability against Ntop-ng. A successful attack can lead to elevation of privilege and arbitrary code execution.
ntopng (aka ntop) before 2.2 allows remote authenticated users to change the login context and gain privileges via the user cookie and username parameter to admin/password_reset.lua.