Hub Appsec rule

More info

vpatch-CVE-2024-1061 AppSec Rule

« vpatch-CVE-2024-1061 »
v0.1 by crowdsecurity
AppSec rule

WordPress HTML5 Video Player - SQL Injection (CVE-2024-1061)

Installation

cscli appsec-rules install crowdsecurity/vpatch-CVE-2024-1061

YAML Configuration

1name: crowdsecurity/vpatch-CVE-2024-1061
2description: "WordPress HTML5 Video Player - SQL Injection (CVE-2024-1061)"
3rules:
4  - and:
5    - zones:
6      - METHOD
7      match:
8        type: equals
9        value: GET
10    - zones:
11      - ARGS
12      variables:
13      - rest_route
14      match:
15        type: contains
16        value: /h5vp/v1/view
17    - zones:
18      - ARGS
19      variables:
20      - id
21      match:
22        type: libinjectionSQL
23
24labels:
25  type: exploit
26  service: http
27  confidence: 3
28  spoofable: 0
29  behavior: "http:exploit"
30  label: "WordPress HTML5 Video Player - SQL Injection"
31  classification:
32   - cve.CVE-2024-1061
33   - attack.T1595
34   - attack.T1190
35   - cwe.CWE-89

Hub Appsec rule

« vpatch-CVE-2024-1061 »v0.1 by crowdsecurityAppSec rule

« vpatch-CVE-2024-1061 »
v0.1 by crowdsecurity
AppSec rule