TWiki.Image.Path.Remote.Command.Execution
Description
This indicates an attempt to exploit a command execution vulnerability in TWiki.
The vulnerability is a result of the application's failure to properly sanitize the image variable in a URL query. As a result, a remote attacker can send a
crafted query to execute arbitrary commands.
Affected Products
TWiki before 4.2.3
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Refer to the vendor's web site for suggested workaround:
http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2008-3195#Hotfix_for_older_TWiki_versions
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2023-08-01 | 25.612 | Name:Twiki. Image. Path. Remote. Command. Execution:TWiki. Image. Path. Remote. Command. Execution |
2018-09-21 | 13.455 | Sig Added |