virus logo Intrusion Prevention

Kentico.CMS.Staging.SyncServer.Remote.Command.Execution

description-logoDescription

This indicates an attack attempt to exploit an Remote Command Injection vulnerability in Kentico.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application. An remote attacker may be able to exploit this to execute arbitrary command within the context of the application.

affected-products-logoAffected Products

Kentico version 12.0.x before version 12.0.15
Kentico version 11.0.x before version 11.0.48
Kentico version 10.0.x before version 10.0.52

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Applied latest upgrade or patch from the vendor:
https://devnet.kentico.com/download/hotfixes#securityBugs-v12

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Status Detail
2025-05-15 32.009
Modified
 Sig Added
2020-06-01 15.854
Modified
 Default_action:pass:drop
2020-05-20 15.847
New

References

https://devnet.kentico.com/download/hotfixes#securityBugs-v12
ID 48991
Created May 20, 2020
Updated May 15, 2025
CVE ID
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon
Known Exploited Yes
Exploit Prediction Score 93.9%
Default Action drop
Active
Affected OS Windows
Affected App Other
Profile Type OS Command Injection