Hub Appsec rule

More info

vpatch-CVE-2019-5418 AppSec Rule

« vpatch-CVE-2019-5418 »
v0.1 by crowdsecurity
AppSec rule

Detects Rails file content disclosure via crafted Accept header (CVE-2019-5418)

Installation

cscli appsec-rules install crowdsecurity/vpatch-CVE-2019-5418

YAML Configuration

1## autogenerated on 2025-07-09 14:37:47
2name: crowdsecurity/vpatch-CVE-2019-5418
3description: 'Detects Rails file content disclosure via crafted Accept header (CVE-2019-5418)'
4rules:
5  - zones:
6      - HEADERS
7    variables:
8      - accept
9    transform:
10      - lowercase
11      - urldecode
12    match:
13      type: contains
14      value: '../'
15
16labels:
17  type: exploit
18  service: http
19  confidence: 3
20  spoofable: 0
21  behavior: 'http:exploit'
22  label: 'Rails - LFI'
23  classification:
24    - cve.CVE-2019-5418
25    - attack.T1005
26    - cwe.CWE-22
27

Hub Appsec rule

« vpatch-CVE-2019-5418 »v0.1 by crowdsecurityAppSec rule

« vpatch-CVE-2019-5418 »
v0.1 by crowdsecurity
AppSec rule