ET WEB_SPECIFIC_APPS LifterLMS Arbitrary File Write Attempt Inbound (CVE-2020-6008)

SID: 2030644Rev: 10 viewsHistory

Sourceet/open

CreatedAugust 4, 2020

UpdatedAugust 4, 2020

Classificationattempted-admin

alert http any any -> [$HTTP_SERVERS,$HOME_NET] any (msg:"ET WEB_SPECIFIC_APPS LifterLMS Arbitrary File Write Attempt Inbound (CVE-2020-6008)"; flow:established,to_server; http.method; content:"POST"; http.uri; content:"action=export_admin_table"; content:"&filename=../"; fast_pattern; reference:url,cpr-zero.checkpoint.com/vulns/cprid-2148/; reference:cve,2020-6008; classtype:attempted-admin; sid:2030644; rev:1; metadata:created_at 2020_08_04, cve CVE_2020_6008, deployment Perimeter, performance_impact Low, confidence High, signature_severity Major, updated_at 2020_08_04;)

References

url	cpr-zero.checkpoint.com/vulns/cprid-2148/
cve	2020-6008

Metadata

created at2020_08_04

cveCVE-2020-6008

deploymentPerimeter

performance impactLow

confidenceHigh

signature severityMajor

updated at2020_08_04

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!