HTTP: PhpMyAdmin preg_replace null termination remote code execution.
This signature detects attempts to exploit a known vulnerability against PhpMyAdmin. A successful attack can lead to arbitrary code execution.
Extended Description
phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 does not properly choose delimiters to prevent use of the preg_replace e (aka eval) modifier, which might allow remote attackers to execute arbitrary PHP code via a crafted string, as demonstrated by the table search-and-replace implementation.
Affected Products
Phpmyadmin phpmyadmin
Short Name
HTTP:PHP:PHPMYADMIN:PREG-RP-RCE
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2016-5734 PhpMyAdmin bid:91387 code execution. null preg_replace remote termination
Release Date
09/29/2020
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3337
False Positive
Unknown
Vendors
Phpmyadmin
CVSS Score
7.5