Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name	HTTP:MISC:WATCHGUARD-VA-RCE
Severity	Major
Recommended	No
Recommended Action	Drop
Category	HTTP
Keywords	Watchguard XCS Virtual Appliance Remote Code Execution
Release Date	2017/11/28
Update Number	3012
Supported Platforms	idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

HTTP: Watchguard XCS Virtual Appliance Remote Code Execution

This signature detects attempts to exploit a known vulnerability against Watchguard XCS Virtual Appliance. Successful exploitation could lead to arbitrary command injection.

Extended Description

Watchguard XCS 9.2 and 10.0 before build 150522 allow remote authenticated users to execute arbitrary commands via shell metacharacters in the id parameter to ADMIN/mailqueue.spl.

Affected Products

Watchguard xcs 10.0
Watchguard xcs 9.2

References

BugTraq: 75516
CVE: CVE-2015-5453
URL: http://security-assessment.com/files/documents/advisory/Watchguard-XCS-final.pdf

Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

HTTP: Watchguard XCS Virtual Appliance Remote Code Execution

Extended Description

Affected Products

References