Short Name |
HTTP:MISC:WATCHGUARD-VA-RCE |
---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Watchguard XCS Virtual Appliance Remote Code Execution |
Release Date |
2017/11/28 |
Update Number |
3012 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability against Watchguard XCS Virtual Appliance. Successful exploitation could lead to arbitrary command injection.
Watchguard XCS 9.2 and 10.0 before build 150522 allow remote authenticated users to execute arbitrary commands via shell metacharacters in the id parameter to ADMIN/mailqueue.spl.