virus logo Intrusion Prevention

WebUI.Mainfile.php.Arbitrary.Command.Injection

description-logoDescription

This indicates an attack attempt to exploit a Command Injection vulnerability in PHP.
The vulnerability is due to insufficient validation on users' supplied inputs in the application when handling malicious requests. A remote attacker may be able to exploit this to execute arbitrary commands in the affected machine via crafted requests.

affected-products-logoAffected Products

WebUI WebUI 1.5b9

Impact logoImpact

System Compromise: Remote attackers can execute arbitrary commands in the context of the affected site

recomended-action-logoRecommended Actions

Currently we are unaware of any vendor supplied patch for this issue

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

References

https://github.com/baram01/webui/ https://www.exploit-db.com/exploits/36821/
ID 40850
Created Jul 08, 2015
Updated Nov 15, 2021
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
CVE ID
Default Action drop
Active
Affected OS Windows, Linux, BSD, Solaris, MacOS
Affected App Other