OP5.System.Remote.Code.Injection
Description
This indicates an attack attempt against a Code Execution vulnerability in op5 Monitor and op5 Appliance.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application. A remote attacker may be able to exploit this to execute arbitrary code within the context of the application via a craft HTTP request.
Affected Products
op5 Monitor version 1.6.1 and prior
op5 Appliance version 5.5.1 and prior
op5 system-op5config version 2.0.2 and prior
Impact
System Compromise: Remote attacker can gain control of vulnerable systems.
Recommended Actions
Upgrade to the latest version from the vendor.
http://www.op5.com/news/support-news/fixed-vulnerabilities-op5-monitor-op5-appliance/
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2021-02-01 | 17.008 | Sig Added |
2019-10-29 | 14.713 | Default_action:pass:drop |
2019-06-19 | 14.635 | Sig Added |
2019-06-14 | 14.633 |