CVE-2018-9126 - DotNetNuke DNNarticle Directory Traversal

Question

Is there any signature for CVE-2018-9126  provided by F5 ? if yes , then what is the name of signature so that we can enforce it in ASM ?

jrahm · Answer

in lieu of a signature, this should be an easy block by adding a disallowed parameter as such:CP=%2fweb.config

the_blue · Answer

but is this mean there is no pre-defied  signature  from F5 ASM ? if i have not add this parameter as disallowed, does ASM will pass the traffic with no block ?

jrahm · Answer

You can check your signatures to find out by following the guidance here: https://support.f5.com/csp/article/K45558510

if there is a signature and you’ve applied it it should block. If there is no signature you will need to add a parameter to do so.

gal_goldshtein · Answer

We have added a dedicated signature on the last signature update that mitigates this vulnerability:

200007038 - DotNetNuke - GetCSS Arbitrary File Read

Also on a side note, the POC exploit for this vulnerability is matched by the following signature:

200000042 - ASP.NET configuration file access (web.config) (Parameter)

the_blue · Answer

I could not find this signature 200007038 - DotNetNuke - GetCSS Arbitrary File Read , how to install it?

Forum Discussion

CVE-2018-9126 - DotNetNuke DNNarticle Directory Traversal

6 Replies

Recent Discussions

Error when running bigip_command Playbook against LTM : Syntax Error: unexpected argument /bin/sh\n

Can iRule be used to perform exception of IPI category based on Geolocation

Can iRule mask the payload content on event logs of security

minimum tmos software version for connect CIS (openshift)

Chrome V 124+ on MacOS - Virtual Server Access Issue

Related Content

Come Join DevCentral for the Seattle DotNetNuke User Group Meeting

Far futures expire headers

DevCentral Architecture