cscli appsec-rules install crowdsecurity/vpatch-CVE-2020-11738
1name: crowdsecurity/vpatch-CVE-2020-117382description: "Wordpress Snap Creek Duplicator - Path Traversal (CVE-2020-11738)"3rules:4 - and:5 - zones:6 - URI7 transform:8 - lowercase9 match:10 type: endsWith11 value: /wp-admin/admin-ajax.php12 - zones:13 - ARGS14 variables:15 - action16 match:17 type: equals18 value: duplicator_download19 - zones:20 - ARGS21 variables:22 - file23 match:24 type: contains25 value: ".."26labels:27 type: exploit28 service: http29 confidence: 330 spoofable: 031 behavior: "http:exploit"32 label: "Wordpress Snap Creek Duplicator"33 classification:34 - cve.CVE-2020-1173835 - attack.T159536 - attack.T119037 - cwe.CWE-22