ATTACK [PTsecurity] Arbitrary PHP RCE in Drupal 8 < 8.5.11,8.6.10 (CVE-2019-6340)

SID: 10004555Rev: 31 views

Sourceptresearch/attackdetection

CreatedDecember 13, 2021

UpdatedDecember 13, 2021

Classificationattempted-admin

alert http any any -> any any (msg:"ATTACK [PTsecurity] Arbitrary PHP RCE in Drupal 8 < 8.5.11,8.6.10 (CVE-2019-6340)"; flow:established, to_server; content:"GET"; http_method; content:"hal_json"; http_uri; content:"link"; http_client_body; content:"options"; distance:0; content:"O:"; distance:0; http_client_body; pcre:"/\x22options\x22\s*:\s*\x22O:\d+:/P"; reference:cve, 2019-6340; reference:url, www.ambionics.io/blog/drupal8-rce; reference:url, github.com/ptresearch/AttackDetection; classtype:attempted-admin; sid:10004555; rev:3;)

References

cve	2019-6340
url	www.ambionics.io/blog/drupal8-rce
url	github.com/ptresearch/AttackDetection

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!