Contact us

Solutions

Featured solutions AI Campus and branch Data center WAN Security Service provider Cloud operator Industries

Services

Services

Take me to HPE.com

HTTP: LAquis SCADA LGX Report Arbitrary File Write Remote Code Execution

This signature detects attempts to exploit a known vulnerability against LAquis SCADA. A successful attack can lead to arbitrary code execution.

Extended Description

There are multiple ways in LCDS LAquis SCADA for an attacker to access locations outside of their own directory.

References

BugTraq: 106634

CVE: CVE-2024-5040

URL: https://www.cisa.gov/news-events/ics-advisories/icsa-24-142-01 http://www.zerodayinitiative.com/advisories/ZDI-24-484/ http://www.zerodayinitiative.com/advisories/ZDI-24-486/ http://www.zerodayinitiative.com/advisories/ZDI-24-490/

Short Name

HTTP:CVE-2018-18988-RCE

Severity

Major

Recommended

False

Recommended Action

Drop

Category

HTTP

Keywords

Arbitrary CVE-2018-18988 CVE-2024-5040 Code Execution File LAquis LGX Remote Report SCADA Write bid:106634

Release Date

06/19/2019

Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version

3761

False Positive

Unknown

CVSS Score

8.3