Forum Discussion

Cirrostratus

5 years ago

CVE-2018-9126 - DotNetNuke DNNarticle Directory Traversal

Is there any signature for CVE-2018-9126 provided by F5 ? if yes , then what is the name of signature so that we can enforce it in ASM ?

Employee

5 years ago

We have added a dedicated signature on the last signature update that mitigates this vulnerability:

200007038 - DotNetNuke - GetCSS Arbitrary File Read

Also on a side note, the POC exploit for this vulnerability is matched by the following signature:

200000042 - ASP.NET configuration file access (web.config) (Parameter)

THE_BLUE

Cirrostratus

5 years ago

I could not find this signature 200007038 - DotNetNuke - GetCSS Arbitrary File Read , how to install it?

boneyard
MVP
5 years ago
follow the documentation on updating: https://support.f5.com/csp/article/K8217

then check it in your ASM profile

AppWorld Berlin iRules Contest!

DevCentral News

announcement

appworld2026

berlin

event

irules

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

Forum Discussion

CVE-2018-9126 - DotNetNuke DNNarticle Directory Traversal

AppWorld Berlin iRules Contest!

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

Recent Discussions

SSL Forward Proxy, iRules and Client Hello

monitor/healthcheck issue with envoy gateway

Recommendation for Adv. Lab

Changes to DO and AS3 GitHub - no longer monitored

How to Verify config before loading to F5

Related Content

Come Join DevCentral for the Seattle DotNetNuke User Group Meeting

Far futures expire headers

DevCentral Architecture

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS