HTTP: IPFire Firewall Web Interface backup.cgi Command Injection
This signature detects attempts to exploit a known vulnerability against IPFire Firewall Web Interface. Successful exploitation could lead to arbitrary command injection.
Extended Description
An authenticated command injection vulnerability exists in IPFire Firewall before 2.21 Core Update 124 in backup.cgi. This allows an authenticated user with privileges for the affected page to execute arbitrary commands.
Affected Products
Ipfire ipfire
References
CVE: CVE-2018-16232
URL: https://blog.ipfire.org/post/ipfire-2-21-core-update-124-released
Short Name
HTTP:CVE-2018-16232-CMD-INJ
Severity
Major
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2018-16232 Command Firewall IPFire Injection Interface Web backup.cgi
Release Date
02/05/2019
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3337
False Positive
Unknown
Vendors
Ipfire
CVSS Score
6.5