Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name	HTTP:CVE-2018-7664-CMD-INJ
Severity	Major
Recommended	No
Recommended Action	Drop
Category	HTTP
Keywords	ClipBucket CVE-2018-7664 Command Injection
Release Date	2019/02/28
Update Number	3146
Supported Platforms	idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

HTTP: ClipBucket CVE-2018-7664 Command Injection

This signature detects attempts to exploit a known vulnerability against ClipBucket. A successful attack can lead to command injection.

Extended Description

An issue was discovered in ClipBucket before 4.0.0 Release 4902. Any OS commands can be injected via shell metacharacters in the file_name parameter to /api/file_uploader.php or /actions/file_downloader.php.

Affected Products

Clip-bucket clipbucket 4.0.0

References

CVE: CVE-2018-7664

Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

HTTP: ClipBucket CVE-2018-7664 Command Injection

Extended Description

Affected Products

References