Hub WAF rule

More info

vpatch-CVE-2022-35914 WAF Rule

« GLPI - RCE »
v0.6 by crowdsecurity
WAF rule

GLPI RCE (CVE-2022-35914)

Installation

cscli appsec-rules install crowdsecurity/vpatch-CVE-2022-35914

YAML Configuration

1name: crowdsecurity/vpatch-CVE-2022-35914
2description: "GLPI RCE (CVE-2022-35914)"
3rules:
4  - and:
5    - zones:
6      - URI
7      transform:
8      - lowercase
9      match:
10        type: endsWith
11        value: /vendor/htmlawed/htmlawed/htmlawedtest.php
12
13labels:
14  type: exploit
15  service: http
16  confidence: 3
17  spoofable: 0
18  behavior: "http:exploit"
19  label: "GLPI - RCE"
20  classification:
21   - cve.CVE-2022-35914
22   - attack.T1595
23   - attack.T1190
24   - cwe.CWE-74

Hub WAF rule

« GLPI - RCE »v0.6 by crowdsecurityWAF rule

« GLPI - RCE »
v0.6 by crowdsecurity
WAF rule