HTTP: ISPConfig user_settings.php Arbitrary File Inclusion
This signature detects attempts to exploit an arbitrary file inclusion vulnerability which has been reported in ISPConfig. A remote attacker can exploit this vulnerability by sending a crafted request. Successful exploitation results in RCE under the security context of the target application.
Extended Description
An unanchored /[a-z]{2}/ regular expression in ISPConfig before 3.1.13 makes it possible to include arbitrary files, leading to code execution. This is exploitable by authenticated users who have local filesystem access.
Affected Products
Ispconfig ispconfig
Short Name
HTTP:ISPCONFIG-SETTINGS-FI
Severity
Major
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
Arbitrary CVE-2018-17984 File ISPConfig Inclusion user_settings.php
Release Date
01/24/2019
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3337
False Positive
Unknown
Vendors
Ispconfig
CVSS Score
4.6