Hub Appsec rule

More info

vpatch-CVE-2025-36604 AppSec Rule

« vpatch-CVE-2025-36604 »
v0.1 by crowdsecurity
AppSec rule

Detects OS command injection in Dell UnityVSA via crafted path in /misc/ endpoint (CVE-2025-36604)

Installation

cscli appsec-rules install crowdsecurity/vpatch-CVE-2025-36604

YAML Configuration

1## autogenerated on 2025-10-09 10:57:26
2name: crowdsecurity/vpatch-CVE-2025-36604
3description: 'Detects OS command injection in Dell UnityVSA via crafted path in /misc/ endpoint (CVE-2025-36604)'
4rules:
5  - and:
6      - zones:
7          - URI
8        transform:
9          - lowercase
10          - urldecode
11        match:
12          type: contains
13          value: /misc/
14      - zones:
15          - URI
16        transform:
17          - urldecode
18        match:
19          type: regex
20          value: '[`|;$]'
21
22labels:
23  type: exploit
24  service: http
25  confidence: 3
26  spoofable: 0
27  behavior: 'http:exploit'
28  label: 'Dell UnityVSA - RCE'
29  classification:
30    - cve.CVE-2025-36604
31    - attack.T1190
32    - cwe.CWE-78
33

Hub Appsec rule

« vpatch-CVE-2025-36604 »v0.1 by crowdsecurityAppSec rule

« vpatch-CVE-2025-36604 »
v0.1 by crowdsecurity
AppSec rule