Hub WAF rule

More info

vpatch-CVE-2014-5181 WAF Rule

« Last.fm Rotation - Local File Inclusion »
v0.2 by crowdsecurity
WAF rule

Detects path traversal in Last.fm Rotation plugin via snode parameter in lastfm-proxy.php

Installation

cscli appsec-rules install crowdsecurity/vpatch-CVE-2014-5181

YAML Configuration

1## autogenerated on 2026-02-25 14:30:41
2name: crowdsecurity/vpatch-CVE-2014-5181
3description: 'Detects path traversal in Last.fm Rotation plugin via snode parameter in lastfm-proxy.php'
4rules:
5  - and:
6      - zones:
7          - URI
8        transform:
9          - lowercase
10          - urldecode
11        match:
12          type: contains
13          value: /wp-content/plugins/lastfm-rotation/lastfm-proxy.php
14      - zones:
15          - ARGS
16        variables:
17          - snode
18        transform:
19          - lowercase
20          - urldecode
21        match:
22          type: contains
23          value: '../'
24
25labels:
26  type: exploit
27  service: http
28  confidence: 3
29  spoofable: 0
30  behavior: 'http:exploit'
31  label: "Last.fm Rotation - Local File Inclusion"
32  classification:
33    - cve.CVE-2014-5181
34    - attack.T1190
35    - cwe.CWE-22
36

Hub WAF rule

« Last.fm Rotation - Local File Inclusion »v0.2 by crowdsecurityWAF rule

« Last.fm Rotation - Local File Inclusion »
v0.2 by crowdsecurity
WAF rule