SERVER-WEBAPP -- Snort has detected traffic exploiting vulnerabilities in web based applications on servers.
SERVER-WEBAPP Horde Groupware Webmail data import PHP code injection attempt
This rule looks for crafted data injected in the "escape" or the "quote" parameters sent to the Horde Groupware Webmail Edition. If crafted successfully, an attacker can get remote code execution on the vulnerable server.
This rule alerts on attempts to exploit a remote code execution vulnerability in Horde Groupware Webmail Edition.
No public information
No known false positives
Cisco Talos Intelligence Group
No rule groups
CVE-2020-8518 |
Loading description
|
Tactic: Initial Access
Technique: Exploit Public-Facing Application
For reference, see the MITRE ATT&CK vulnerability types here: https://attack.mitre.org