Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

This site is deprecated. Please CLICK HERE for latest updates

Short Name

 HTTP:MISC:IPFIRE-CMD-INJ

Severity

 Major

Recommended

 Yes

Recommended Action

 Drop

Category

 HTTP

Keywords

 IPFire Command Injection

Release Date

 2017/08/22

Update Number

 2982

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

HTTP: IPFire Command Injection


This signature detects attempts to exploit a known vulnerability against ids.cgi script of IPFire. A remote authenticated attacker may exploit this vulnerability by sending a crafted request to the vulnerable CGI script. Successful exploitation could lead to arbitrary command injection.

Extended Description

IPFire 2.19 has a Remote Command Injection vulnerability in ids.cgi via the OINKCODE parameter, which is mishandled by a shell. This can be exploited directly by authenticated users, or through CSRF.

Affected Products

  • Ipfire ipfire 2.19

References

  • CVE: CVE-2017-9757
  • URL: https://github.com/ipfire/ipfire-2.x/commit/a9a91e5fa713c14f59d20228c228f0e67c4365a8

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out