ET WEB_CLIENT [Volex] Possible ColdFusion Unauthenticated Upload Attempt (CVE-2018-15961)

7.0.35.0SID: 2026604Rev: 4Enabled3 views
Sourceet/open
Fileemerging-web_client.rules
CreatedNovember 13, 2018
UpdatedMarch 7, 2024
Classificationattempted-user
alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_CLIENT [Volex] Possible ColdFusion Unauthenticated Upload Attempt (CVE-2018-15961)"; flow:established,to_server; http.method; content:"POST"; http.uri; content:"/upload.cfm?action=upload"; nocase; fast_pattern; endswith; reference:cve,2018-15961; reference:url,volexity.com/blog/2018/11/08/active-exploitation-of-newly-patched-coldfusion-vulnerability-cve-2018-15961/; classtype:attempted-user; sid:2026604; rev:4; metadata:affected_product Adobe_Coldfusion, attack_target Web_Server, created_at 2018_11_13, cve CVE_2018_15961, deployment Perimeter, performance_impact Low, confidence Medium, signature_severity Major, tag CVE_2018_15961, tag CISA_KEV, updated_at 2024_03_07;)

Metadata

affected productAdobe_Coldfusion
attack targetWeb_Server
created at2018_11_13
deploymentPerimeter
performance impactLow
confidenceMedium
signature severityMajor
tagCISA_KEV
updated at2024_03_07

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!