cancel
Showing results for 
Search instead for 
Did you mean: 
Login & Join the DevCentral Connects Group to watch the Recorded LiveStream (May 12) on Basic iControl Security - show notes included.

CVE-2018-9126 - DotNetNuke DNNarticle Directory Traversal

THE_BLUE
Cirrus
Cirrus

Is there any signature for CVE-2018-9126 provided by F5 ?

if yes , then what is the name of signature so that we can enforce it in ASM ?

6 REPLIES 6

JRahm
Community Manager
Community Manager

in lieu of a signature, this should be an easy block by adding a disallowed parameter as such:

 

CP=%2fweb.config

 

 

but is this mean there is no pre-defied signature from F5 ASM ?

if i have not add this parameter as disallowed, does ASM will pass the traffic with no block ?

JRahm
Community Manager
Community Manager

You can check your signatures to find out by following the guidance here: https://support.f5.com/csp/article/K45558510

 

if there is a signature and you’ve applied it it should block. If there is no signature you will need to add a parameter to do so.

Gal_Goldshtein
F5 Employee
F5 Employee

We have added a dedicated signature on the last signature update that mitigates this vulnerability:

 

200007038 - DotNetNuke - GetCSS Arbitrary File Read

 

Also on a side note, the POC exploit for this vulnerability is matched by the following signature:

 

200000042 -  ASP.NET configuration file access (web.config) (Parameter)

I could not find this signature 200007038 - DotNetNuke - GetCSS Arbitrary File Read , how to install it?

follow the documentation on updating: https://support.f5.com/csp/article/K8217

 

then check it in your ASM profile