©2026 Cisco and/or its affiliates. Snort, the Snort and Pig logo are registered trademarks of Cisco. All rights reserved.
SERVER-OTHER -- Snort has detected traffic exploiting vulnerabilities in a server in the network.
SERVER-OTHER HP Web JetAdmin setinfo access attempt
Directory traversal vulnerability in setinfo.hts in HP Web Jetadmin 7.5.2546 allows remote authenticated attackers to read arbitrary files via a .. (dot dot) in the setinclude parameter. Impact: CVSS base score 2.1 CVSS impact score 2.9 CVSS exploitability score 3.9 confidentialityImpact PARTIAL integrityImpact NONE availabilityImpact NONE Details: Ease of Attack:
This rule will alert when an attempt to exploit a known local file include vulnerability in HTP Web JetAdmin is detected.
No public information
No known false positives
Talos research team. This document was generated from data supplied by the national vulnerability database, a product of the national institute of standards and technology. For more information see [nvd].
No rule groups
Local File Inclusion
Local File Inclusion (LFI) attackers attempt to trick the web server into executing a file local to its own file system. The attacker might have saved the file there in another way first, or the target file could be a local executable that should not be accessible to the web server otherwise. A successful LFI can lead to data leaks or remote code execution. Avoid dynamic inclusion of user input files, or whitelist files that may be included.
CVE-2004-1856 |
Loading description
|
CVE-2004-1857 |
Loading description
|
Tactic: Impact
Technique: Account Access Removal
For reference, see the MITRE ATT&CK vulnerability types here: https://attack.mitre.org
©2026 Cisco and/or its affiliates. Snort, the Snort and Pig logo are registered trademarks of Cisco. All rights reserved.