Intrusion Prevention

XAMPP.WEBDAV.Malicious.PHP.File.Upload

Description

This indicates an attack attempt to exploit a file-uploading vulnerability in XAMPP WEBDAV.
There is a default user/password in the XAMPP WEBDAV which can be used by attackers to upload arbitrary PHP files to vulnerable systems.

Affected Products

XAMPP WEBDAV all versions

Impact

Security Bypass: Remote attackers can bypass security chekcing of vulnerable systems.

Recommended Actions

Forbid or modify the default user/password

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date	Version	Status	Detail
2019-10-02	14.698	Modified	Sig Added

References

http://www.metasploit.com/modules/exploit/windows/http/xampp_webdav_upload_php

ID	24481
Created	Oct 12, 2010
Updated	Oct 15, 2019
Risk
Default Action	drop
Active
Affected OS	Windows
Affected App	Other
Profile Type	Permission/Privilege/Access Control

Protect

Detect

Respond

Recover

Identify

Network Security

Cloud & Application Security

Endpoint Security

Security Operations

Intrusion Prevention

XAMPP.WEBDAV.Malicious.PHP.File.Upload

Description

Affected Products

Impact

Recommended Actions

Coverage

Version Updates

References

Research Center

Services

Protect

Detect

Respond

Recover

Identify

Network Security

Cloud & Application Security

Endpoint Security

Security Operations

Threat Intelligence Center

Support Center

Resource Center

About

Intrusion Prevention

XAMPP.WEBDAV.Malicious.PHP.File.Upload

Description

Affected Products

Impact

Recommended Actions

Coverage

Version Updates

References

Threat Intelligence
Center