CVE-2019-15858

  • Resolved Roberto Jobet

    (@robertojobet)


    4 years, 7 months ago

    Hi,

    Yesterday I found this line in NF logs:

    
04/Apr/20 04:46:04  #2472532  UPLOAD - 202.146.80.34 POST /wp-admin/admin-post.php - File upload detected, no action taken - [import_files.json (497 bytes)] - www.example.com

04/Apr/20 04:46:04  #2071029  CRITICAL  1543  202.146.80.34 POST /wp-admin/admin-post.php - WP vulnerability (CVE-2019-15858) - [FILES:wbcr_inp_import_files = import_files.json application/json /tmp/phpflHqLq  497] -

    The CVE-2019-15858 vulnerability is related to “Woody ad snippets” plugin that I don’t have in my site…

    Nevertheless it seems that a file has been uploaded to my website (?!)

    Best regards

    • This topic was modified 4 years, 7 months ago by Yui.
    • This topic was modified 4 years, 7 months ago by Yui. Reason: please use CODE button for code formatting
Viewing 1 replies (of 1 total)
  • Plugin Author nintechnet

    (@nintechnet)

    It was blocked.
    The first line shows that you allow uploads, hence the firewall doesn’t block uploads. But the second line shows that NinjaFirewall detected that it was an attempt to exploit a vulnerability and thus it blocked it.

Viewing 1 replies (of 1 total)
  • The topic ‘CVE-2019-15858’ is closed to new replies.