virus logo Intrusion Prevention

ZK.Framework.Remote.Code.Execution

description-logoDescription

This indicates an attack attempt to exploit a remote code execution Vulnerability in ZK framework.
The vulnerability is due to improperly handling of a crafted HTTP request. A remote authenticated attacker could exploit the vulnerability by sending crafted HTTP requests to the target server. Successful exploitation could result in total compromise of the affected devices.

affected-products-logoAffected Products

ZK Framework v9.6.1, 9.6.0.1, 9.5.1.3, 9.0.1.2 and 8.6.4.1.
ConnectWise Recover 2.9.7 and earlier versions
R1Soft Server Backup Manager 6.16.3 and earlier versions

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Apply patch, available from the website:
https://tracker.zkoss.org/browse/ZK-5150
Upgrade to the latest version, available from:
http://wiki.r1soft.com/display/ServerBackupManager/Install+and+Upgrade+Server+Backup+Manager+on+Linux.html

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Status Detail
2023-06-12 24.574
New
2023-04-10 23.531
Removed
2023-03-06 23.506
New
ID 52687
Created Mar 02, 2023
Updated Jun 09, 2023
CVE ID
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
Known Exploited Yes
Exploit Prediction Score 93.94%
Default Action pass
Active
Affected OS All
Affected App Other
Profile Type Permission/Privilege/Access Control