APP: CloudMe CVE-2018-6892 Remote Code Execution

This signature detects attempts to exploit a known vulnerability in CloudMe. A successful attack can lead to arbitrary code execution.

Extended Description

An issue was discovered in CloudMe before 1.11.0. An unauthenticated remote attacker who can connect to the "CloudMe Sync" client application listening on port 8888 can send a malicious payload that causes a buffer overflow. This gives the attacker control of the program's execution flow and allows arbitrary code execution.

Affected Products

CloudMe Sync

References

CVE: CVE-2018-6892

Short Name
APP:MISC:CLOUDME-RCE
Severity
Major
Recommended
False
Recommended Action
Drop
Category
APP
Keywords
CVE-2018-6892 CloudMe Code Execution Remote
Release Date
03/22/2019
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3415
Port
TCP/8888
False Positive
Unknown
Vendors

CloudMe

CVSS Score

7.5
