Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
HTTP:PHP:VBULLETIN-RCE |
|---|---|
Severity |
Major |
Recommended |
Yes |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
vBulletin Pre-Auth Remote Code Execution |
Release Date |
2019/10/09 |
Update Number |
3216 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
HTTP: vBulletin Pre-Auth Remote Code Execution
This signature detects attempts to exploit a known vulnerability against vBulletin. A successful attack can lead to arbitrary code execution.
Extended Description
vBulletin 5.x through 5.5.4 allows remote command execution via the widgetConfig[code] parameter in an ajax/render/widget_php routestring request.
Affected Products
- Vbulletin vbulletin 5.0.0
- Vbulletin vbulletin 5.0.1
- Vbulletin vbulletin 5.0.2
- Vbulletin vbulletin 5.0.3
- Vbulletin vbulletin 5.0.4
- Vbulletin vbulletin 5.0.5
- Vbulletin vbulletin 5.1.0
- Vbulletin vbulletin 5.1.1
- Vbulletin vbulletin 5.1.2
- Vbulletin vbulletin 5.1.3
- Vbulletin vbulletin 5.2.0
- Vbulletin vbulletin 5.2.1
- Vbulletin vbulletin 5.2.2
- Vbulletin vbulletin 5.2.4
- Vbulletin vbulletin 5.2.5
- Vbulletin vbulletin 5.2.6
- Vbulletin vbulletin 5.3.2
- Vbulletin vbulletin 5.3.3
- Vbulletin vbulletin 5.4.3
- Vbulletin vbulletin 5.5.0
- Vbulletin vbulletin 5.5.1
- Vbulletin vbulletin 5.5.2
- Vbulletin vbulletin 5.5.3
- Vbulletin vbulletin 5.5.4
References
- CVE: CVE-2019-16759