Intrusion PreventionOP5.System.Remote.Code.Injection
Description
This indicates an attack attempt against a Code Execution vulnerability in op5 Monitor and op5 Appliance.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application. A remote attacker may be able to exploit this to execute arbitrary code within the context of the application via a craft HTTP request.
Affected Products
op5 Monitor version 1.6.1 and prior
op5 Appliance version 5.5.1 and prior
op5 system-op5config version 2.0.2 and prior
Impact
System Compromise: Remote attacker can gain control of vulnerable systems.
Recommended Actions
Upgrade to the latest version from the vendor.
http://www.op5.com/news/support-news/fixed-vulnerabilities-op5-monitor-op5-appliance/
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2021-02-01 | 17.008 | Sig Added |
| 2019-10-29 | 14.713 | Default_action:pass:drop |
| 2019-06-19 | 14.635 | Sig Added |
| 2019-06-14 | 14.633 |
| ID | 30797 |
| Created | Jun 14, 2019 |
| Updated | Jan 29, 2021 |
| Risk |
|
| CVE ID | CVE-2012-0262 CVE-2012-0261 |
| Exploit Prediction Score | 91.66% |
| Default Action | drop |
| Active | |
| Affected OS | All |
| Affected App | PHP_app |