Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

This site is deprecated. Please CLICK HERE for latest updates

Short Name

 HTTP:DIR:CVE-2018-7836-DIR-TRAV

Severity

 Major

Recommended

 Yes

Recommended Action

 Drop

Category

 HTTP

Keywords

 Schneider Electric IIoT Monitor Zip Directory Traversal

Release Date

 2019/06/04

Update Number

 3177

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

HTTP: Schneider Electric IIoT Monitor Zip Directory Traversal


This signature detects attempts to exploit a known vulnerability against Schneider Electric IIoT Monitor. A successful attack can lead to arbitrary code execution.

Extended Description

An unrestricted Upload of File with Dangerous Type vulnerability exists on numerous methods of the IIoT Monitor 3.1.38 software that could allow upload and execution of malicious files.

Affected Products

  • Schneider-electric iiot_monitor 3.1.38

References

  • BugTraq: 106484
  • CVE: CVE-2018-7836
  • URL: http://www.zerodayinitiative.com/advisories/zdi-19-032/
  • URL: http://www.zerodayinitiative.com/advisories/zdi-19-030/
  • URL: http://www.zerodayinitiative.com/advisories/zdi-19-029/
  • URL: http://www.zerodayinitiative.com/advisories/zdi-19-022/
  • URL: http://www.zerodayinitiative.com/advisories/zdi-19-021/
  • URL: https://www.schneider-electric.com/en/download/document/sevd-2018-354-03/

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out