Intrusion PreventionASPXSpy.Webshell
Description
This indicates a potential .NET ASP webshell upload. A malicious user may use this script to further compromise the targeted host.
Affected Products
N/A
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Configure a Worker Process Identity (WPI) for an application pool.
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2020-10-21 | 16.947 | Name:ASPXSpy. Detection:ASPXSpy. Webshell |
| 2020-10-21 | 16.947 | Severity:low:medium |
| 2020-08-12 | 15.904 | Sig Added |
| 2020-07-27 | 15.894 | Sig Added |
| ID | 15558 |
| Created | Mar 31, 2009 |
| Updated | Nov 15, 2021 |
| Risk |
|
| CVE ID | CVE-2008-1436 |
| Exploit Prediction Score | 94.21% |
| Default Action | drop |
| Active | |
| Affected OS | Windows |
| Affected App | Other |