|
|
|||
| Rule General Information |
|---|
| Release Date: | 2024-03-05 | |
| Rule Name: | Linux Command Injection Detection - Debug Mode | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | The command injection vulnerability is caused by the application's lax filtering of user input. Attackers can execute arbitrary operating system commands on servers running applications by concatenating system commands.This rule is used to detect command injection caused by the Debug page being exposed to the public network. | |
| Impact: | An attacker can execute arbitrary command via a successful exploit in the context of the vulnerable software. | |
| Affected OS: | Windows, Linux, Others | |
| Reference: | ||
| Solutions |
|---|
| 1. Filter and escape the data entered by the user to ensure that the input does not contain special characters or keywords injected by the command. 2. Use safe apis and functions to execute system commands, and avoid directly concatenating user input as commands. 3. Ensure that the program executes system commands with the principle of least privilege. |