OpenKM.Document.Management.CSRF.Based.Command.Execution
Description
This indicates an attack attempt to exploit a Cross Site Request Forgery based Command Execution vulnerability in OpenKM Document Management System.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application. A remote attacker may be able to exploit this to execute arbitrary OS commands on an affected system.
Affected Products
OpenKM version 5.1.7
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Upgrade to the latest version available from the website.
http://www.openkm.com/en/download-english.html
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |