Kentico.CMS.Staging.SyncServer.Remote.Command.Execution
Description
This indicates an attack attempt to exploit an Remote Command Injection vulnerability in Kentico.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application. An remote attacker may be able to exploit this to execute arbitrary command within the context of the application.
Affected Products
Kentico version 12.0.x before version 12.0.15
Kentico version 11.0.x before version 11.0.48
Kentico version 10.0.x before version 10.0.52
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Applied latest upgrade or patch from the vendor:
https://devnet.kentico.com/download/hotfixes#securityBugs-v12
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |