Short Name |
HTTP:MISC:ENDIAN-PRX-CMDEXEC |
---|---|
Severity |
Major |
Recommended |
Yes |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Endian Firewall Proxy Password Change Command Execution |
Release Date |
2016/02/09 |
Update Number |
2642 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects an attempt to exploit a known vulnerability against Endian Firewall Proxy application. Successful exploitation could allow an attacker to perform remote code execution.
Endian Firewall before 3.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) NEW_PASSWORD_1 or (2) NEW_PASSWORD_2 parameter to cgi-bin/chpasswd.cgi.