CVE-2020-12112 Exploitation Attempt

Aug 21, 2020 ·

Detection the attempt of Exposure of Sensitive Information

Sigma rule (View on GitHub)

 1title: CVE-2020-12112 Exploitation Attempt
 2id: 997067c1-a22d-4dfd-aed9-3c97e95015a0
 3status: experimental
 4description: Detection the attempt of Exposure of Sensitive Information
 5references:
 6  - https://github.com/tchenu/CVE-2020-12112
 7author: Loginsoft Research Unit 
 8date: 2020/07/03
 9logsource:
10  product: BigBlueButton
11  category: webserver
12detection:
13  selection:
14    c-uri|contains:
15      - '/bigbluebutton/presentation/download/'
16    c-uri-query|contains: 'presFilename=../'
17  condition: selection
18falsepositives:
19  - Unknown
20level: critical```

References

GitHub - tchenu/CVE-2020-12112: BigBlueButton versions lower than 2.2.4 have a LFI vulnerability allowing access to sensitive files. 🚨

BigBlueButton versions lower than 2.2.4 have a LFI vulnerability allowing access to sensitive files. 🚨 - tchenu/CVE-2020-12112

Read More

CVE-2020-12112 Exploitation Attempt

Sigma rule (View on GitHub)

References

GitHub - tchenu/CVE-2020-12112: BigBlueButton versions lower than 2.2.4 have a LFI vulnerability allowing access to sensitive files. 🚨