Hub WAF rule

More info

vpatch-CVE-2023-23063 WAF Rule

« Cellinx NVT Web Server - Local File Inclusion »
v0.2 by crowdsecurity
WAF rule

Detects local file disclosure in Cellinx NVT Web Server via GetFileContent.cgi PATH parameter.

Installation

cscli appsec-rules install crowdsecurity/vpatch-CVE-2023-23063

YAML Configuration

1## autogenerated on 2025-10-01 14:01:13
2name: crowdsecurity/vpatch-CVE-2023-23063
3description: 'Detects local file disclosure in Cellinx NVT Web Server via GetFileContent.cgi PATH parameter.'
4rules:
5  - and:
6      - zones:
7          - URI
8        transform:
9          - lowercase
10        match:
11          type: contains
12          value: /cgi-bin/getfilecontent.cgi
13      - zones:
14          - ARGS
15        variables:
16          - path
17        transform:
18          - lowercase
19          - urldecode
20        match:
21          type: regex
22          value: '^(/|\.\./)'
23
24labels:
25  type: exploit
26  service: http
27  confidence: 3
28  spoofable: 0
29  behavior: 'http:exploit'
30  label: "Cellinx NVT Web Server - Local File Inclusion"
31  classification:
32    - cve.CVE-2023-23063
33    - attack.T1005
34    - cwe.CWE-22
35

Hub WAF rule

« Cellinx NVT Web Server - Local File Inclusion »v0.2 by crowdsecurityWAF rule

« Cellinx NVT Web Server - Local File Inclusion »
v0.2 by crowdsecurity
WAF rule