virus logo Intrusion Prevention

Crypttech.CryptoLog.Remote.Code.Injection

description-logoDescription

This indicates an attack attempt to exploit a remote Code injection vulnerability in CryptoLOG.
The vulnerability is due to improper validation of user supplied inputs when handling a crafted HTTP request. A remote attacker may be able to exploit this to execute arbitrary command within the context of the process, via a crafted HTTP request.

affected-products-logoAffected Products

CryptoLOG version 2015 and prior

Impact logoImpact

System Compromise: Remote attackers can execute arbitrary commands within the context of the root user.

recomended-action-logoRecommended Actions

Currently we are unaware of any vendor supplied patch for this issue

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

References

https://www.rapid7.com/db/modules/exploit/linux/http/crypttech_cryptolog_login_exec
ID 44021
Created May 16, 2017
Updated Jun 19, 2017
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon
CVE ID
Default Action drop
Active
Affected OS Linux
Affected App Other