Intrusion Prevention

Emerson.Dixell.XWEB-500.Arbitrary.File.Write

Description

This indicates an attack attempt to exploit an Arbitrary File Write Vulnerability in Emerson Dixell XWEB-500.
The vulnerability is due to insufficient validation when handling files in the application. A remote attacker could exploit this vulnerability by sending crafted requests to the target server without any kind of authentication mechanism. Successful exploitation could result in arbitrary file creation and, in the worst case, remote code execution.

Affected Products

Emerson Dixell XWEB-500

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Currently we are not aware of any vendor-supplied patch for this issue.

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date	Version	Status	Detail
2024-05-27	27.793	Modified	Sig Added
2024-05-21	27.790	Modified	Default_action:pass:drop
2024-05-15	27.788	Modified	Sig Added
2024-05-08	27.782	New

ID	55639
Created	Apr 30, 2024
Updated	May 27, 2024
CVE ID
Risk
Exploit Prediction Score	82.25%
Default Action	drop
Active
Affected OS	Other
Affected App	Other
Profile Type	Permission/Privilege/Access Control

Protect

Detect

Respond

Recover

Identify

Network Security

Cloud & Application Security

Endpoint Security

Security Operations

Intrusion Prevention

Emerson.Dixell.XWEB-500.Arbitrary.File.Write

Description

Affected Products

Impact

Recommended Actions

Coverage

Version Updates

Research Center

Services

Protect

Detect

Respond

Recover

Identify

Network Security

Cloud & Application Security

Endpoint Security

Security Operations

Threat Intelligence Center

Support Center

Resource Center

About

Intrusion Prevention

Emerson.Dixell.XWEB-500.Arbitrary.File.Write

Description

Affected Products

Impact

Recommended Actions

Coverage

Version Updates

Threat Intelligence
Center