HTTP: Watchguard XCS SQL Injection
This signature detects attempts to exploit a known vulnerability against Watchguard XCS. A successful attack can lead to command injection and arbitrary code execution.
Extended Description
SQL injection vulnerability in Watchguard XCS 9.2 and 10.0 before build 150522 allows remote attackers to execute arbitrary SQL commands via the sid cookie, as demonstrated by a request to borderpost/imp/compose.php3.
Affected Products
Watchguard xcs
References
CVE: CVE-2015-5452
Short Name
HTTP:SQL:INJ:HEADER-COOKIE-WCS
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2015-5452 Injection SQL Watchguard XCS
Release Date
12/05/2019
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3337
False Positive
Unknown
Vendors
Watchguard
CVSS Score
7.5