HTTP: GLPI SQL Dump gzip/php polyglot arbitrary write

This signature detects attempts to exploit a known vulnerability in GLPI. A successful attack can lead to arbitrary code execution.

Extended Description

In GLPI before 9.4.6, an attacker can execute system commands by abusing the backup functionality. Theoretically, an attacker without a valid account can exploit this vulnerability by using CSRF. Because exploitation is difficult, the attack is only conceivable from an account that has Maintenance privileges and the right to add WIFI networks. This is fixed in version 9.4.6.

Affected Products

Glpi-project glpi

References

CVE: CVE-2020-11060

Short Name
HTTP:CTS:GLPI-SQLDUMP-GZIP-RCE
Severity
Critical
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2020-11060 Dump GLPI SQL arbitrary gzip/php polyglot write
Release Date
12/22/2020
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3340
False Positive
Unknown
Vendors

Glpi-project

CVSS Score

9.0
