Moodle.Admin.Shell.Upload

description-logoDescription

This indicate an attempt to upload an Remote PHP shell into a Moodle via an authenticated user.
A Remote PHP shell is a malicious script, acting as a backdoor, that can be uploaded to a web server to enable remote administration of the machine.

affected-products-logoAffected Products

Moodle server

Impact logoImpact

System Compromise: Remote attacker can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Block the upload of the Remote PHP shell script

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2021-12-10 19.214 Default_action:pass:drop
2021-12-01 19.206