AjaXplorer.checkInstall.Remote.Command.Execution
Description
This indicates an attack attempt against a remote Code Execution vulnerability in AjaXplorer.
The vulnerability is due to how the filters for user inputs fail to properly sanitize the "Configdir" parameter value that is passed to "awstats.pl". An attacker may include arbitrary shell commands by supplying an injection string through the URL.
Affected Products
AjaXplorer version older than 2.6
Impact
System Compromise: Remote attackers can gain control of vulnerable systems
Recommended Actions
Update to latest version available from the website.
http://ajaxplorer.info/download/
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |