Forum Discussion

Cirrostratus

Feb 04, 2021

CVE-2018-9126 - DotNetNuke DNNarticle Directory Traversal

Is there any signature for CVE-2018-9126 provided by F5 ? if yes , then what is the name of signature so that we can enforce it in ASM ?

Admin

Feb 06, 2021

in lieu of a signature, this should be an easy block by adding a disallowed parameter as such:

CP=%2fweb.config

THE_BLUE

Cirrostratus

Feb 06, 2021

but is this mean there is no pre-defied signature from F5 ASM ?

if i have not add this parameter as disallowed, does ASM will pass the traffic with no block ?

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

F5 Container Ingress Services (CIS) and using k8s traffic policies to send traffic directly to pods

Community Articles

application delivery

CIS

container ingress services

devops

Gateway Fabric

F5 Architecture Track Sessions - AppWorld 2026

DevCentral News

announcement

Appworld2026

Forum Discussion

CVE-2018-9126 - DotNetNuke DNNarticle Directory Traversal

F5 Container Ingress Services (CIS) and using k8s traffic policies to send traffic directly to pods

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

F5 Software Downgrade from version 17.x.x to 15.x.x

Error diskmonitor

CPU utilization of F5OS on r2600

sslprovide (--f5 ssl) does not generate CLIENT/SERVER_TRAFFIC_SECRET on server-side TLS traffic

Hardware replacement i2800 to r2600

Related Content

Come Join DevCentral for the Seattle DotNetNuke User Group Meeting

Far futures expire headers

DevCentral Architecture

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS