HTTP: ClipBucket CVE-2018-7665 File Upload

This signature detects attempts to exploit a known vulnerability against ClipBucket. Successful attack could allow the attacker to execute arbitrary PHP code on the vulnerable system.

Extended Description

An issue was discovered in ClipBucket before 4.0.0 Release 4902. A malicious file can be uploaded via the name parameter to actions/beats_uploader.php or actions/photo_uploader.php, or the coverPhoto parameter to edit_account.php.

Affected Products

Clip-bucket clipbucket

References

CVE: CVE-2018-7665

Short Name
HTTP:CLIPBUCKET-FILE-UPLOAD
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2018-7665 ClipBucket File Upload
Release Date
02/08/2019
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3337
False Positive
Unknown
Vendors

Clip-bucket

CVSS Score

10.0

Found a potential security threat?