virus logo Intrusion Prevention

C-DATA.Web.Management.System.jumpto.Remote.Code.Execution

description-logoDescription

This indicates an attack attempt to exploit an Input Validation Error Vulnerability in C-DATA Web Management System.
The vulnerability is due to insufficient input validation. A remote, authenticated attacker can exploit this vulnerability by sending crafted packets to the target server. Successful exploitation could result in remote code execution.

description-logoOutbreak Alert

FortiGuard Labs observed a critical level of attack attempts in the wild targeting a 2-year-old vulnerability found on C-DATA Web Management System.

View the full Outbreak Alert Report

affected-products-logoAffected Products

C-DATA Web Management System

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Currently we are unaware of any vendor supplied patch or updates available for this issue.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2023-04-13 23.535 Default_action:pass:drop
2023-03-01 23.504
ID 52651
Created Feb 23, 2023
Updated Apr 12, 2023
Outbreak Alert C-DATA RCE Attack
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon
CVE ID CVE-2022-4257
Exploit Prediction Score 0.24%
Default Action drop
Active
Affected OS Linux
Affected App Other