HTTP: WWBN AVideo unzipDirectory ZIP Directory Traversal
This signature detects attempts to exploit a known vulnerability against WWBN AVideo. A successful attack can lead to directory traversal and arbitrary code execution.
Extended Description
A directory traversal vulnerability exists in the unzipDirectory functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can send an HTTP request to trigger this vulnerability.
Affected Products
Wwbn avideo
References
CVE: CVE-2022-30547
Short Name
HTTP:DIR:WWBN-AVDIO-UNZIP-TRVSL
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
AVideo CVE-2022-30547 Directory Traversal WWBN ZIP unzipDirectory
Release Date
09/20/2022
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3527
False Positive
Unknown
Vendors
Wwbn