SERVER-WEBAPP -- Snort has detected traffic exploiting vulnerabilities in web based applications on servers.
SERVER-WEBAPP ClipBucket beats_uploader arbitrary PHP file upload attempt
This event is generated when an attacker attempts to exploit an arbitrary file upload vulnerability in ClipBucket.
Attempted Administrator Privilege Gain
Rule checks for attempts to exploit an arbitrary file upload vulnerability in ClipBucket.
Ease of Attack:
What To Look For
No public information
No known false positives
Cisco Talos Intelligence Group
MITRE ATT&CK Framework
For reference, see the MITRE ATT&CK vulnerability types here:
CVE Additional Information
CVE-2018-7665An issue was discovered in ClipBucket before 4.0.0 Release 4902. A malicious file can be uploaded via the name parameter to actions/beats_uploader.php or actions/photo_uploader.php, or the coverPhoto parameter to edit_account.php.
||Ease of Access||