Hub WAF rule

More info

vpatch-CVE-2019-18935 WAF Rule

« Telerik - RCE »
v0.1 by crowdsecurity
WAF rule

Telerik - RCE (CVE-2019-18935)

Installation

cscli appsec-rules install crowdsecurity/vpatch-CVE-2019-18935

YAML Configuration

1
2name: crowdsecurity/vpatch-CVE-2019-18935
3description: "Telerik - RCE (CVE-2019-18935)"
4rules:
5  - and:
6    - zones:
7      - METHOD
8      match:
9        type: equals
10        value: POST
11    - zones:
12      - URI
13      transform:
14      - lowercase
15      match:
16        type: endsWith
17        value: /telerik.web.ui.webresource.axd
18    - zones:
19      - ARGS
20      transform:
21      - lowercase
22      variables:
23      - type
24      match:
25        type: equals
26        value: rau
27labels:
28  type: exploit
29  service: http
30  confidence: 3
31  spoofable: 0
32  behavior: "http:exploit"
33  label: "Telerik - RCE"
34  classification:
35   - cve.CVE-2019-18935
36   - attack.T1595
37   - attack.T1190
38   - cwe.CWE-502

Hub WAF rule

« Telerik - RCE »v0.1 by crowdsecurityWAF rule

« Telerik - RCE »
v0.1 by crowdsecurity
WAF rule