CVE-2018-9126 - DotNetNuke DNNarticle Directory Traversal

Question

Is there any signature for CVE-2018-9126  provided by F5 ? if yes , then what is the name of signature so that we can enforce it in ASM ?

jrahm · Answer

in lieu of a signature, this should be an easy block by adding a disallowed parameter as such:CP=%2fweb.config

the_blue · Answer

but is this mean there is no pre-defied  signature  from F5 ASM ? if i have not add this parameter as disallowed, does ASM will pass the traffic with no block ?

jrahm · Answer

You can check your signatures to find out by following the guidance here: https://support.f5.com/csp/article/K45558510

if there is a signature and you’ve applied it it should block. If there is no signature you will need to add a parameter to do so.

gal_goldshtein · Answer

We have added a dedicated signature on the last signature update that mitigates this vulnerability:

200007038 - DotNetNuke - GetCSS Arbitrary File Read

Also on a side note, the POC exploit for this vulnerability is matched by the following signature:

200000042 - ASP.NET configuration file access (web.config) (Parameter)

the_blue · Answer

I could not find this signature 200007038 - DotNetNuke - GetCSS Arbitrary File Read , how to install it?

Forum Discussion

CVE-2018-9126 - DotNetNuke DNNarticle Directory Traversal

Recent Discussions

AS3 Limitations

Help needed with iRule (connection closed log )

Use of SSL Decryption.

VLAN Failsafe Functionality

FTP PASV mode to Extended Passive mode

Related Content

Come Join DevCentral for the Seattle DotNetNuke User Group Meeting

Far futures expire headers

DevCentral Architecture

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS