HTTP: Watchguard XCS Virtual Appliance Remote Code Execution
This signature detects attempts to exploit a known vulnerability against Watchguard XCS Virtual Appliance. Successful exploitation could lead to arbitrary command injection.
Extended Description
Watchguard XCS 9.2 and 10.0 before build 150522 allow remote authenticated users to execute arbitrary commands via shell metacharacters in the id parameter to ADMIN/mailqueue.spl.
Affected Products
Watchguard xcs
References
BugTraq: 75516
CVE: CVE-2015-5453
URL: http://security-assessment.com/files/documents/advisory/Watchguard-XCS-final.pdf
Short Name
HTTP:MISC:WATCHGUARD-VA-RCE
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Appliance CVE-2015-5453 Code Execution Remote Virtual Watchguard XCS bid:75516
Release Date
11/28/2017
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3337
False Positive
Unknown
Vendors
Watchguard
CVSS Score
6.5