Help
FortiNDRCloud
SaaS based NDR solution providing 365 days data retention, along with Technical Success Manager
kcheung
Staff
Staff

Created on ‎05-03-2024 11:02 AM

Article Id 313024

FortiGuard Outbreak Alert: C-DATA Web Management System RCE Attack

Description

C-DATA is a leading provider of data access and connectivity solutions.

 

C-DATA Web Management System has a remote code execution vulnerability which allows attackers to send a specially crafted HTTP POST request to the application and execute arbitrary OS commands on the target system.

CVE ID

 CVE-2022-4257 (https://nvd.nist.gov/vuln/detail/CVE-2022-4257)

NDR Cloud Detection Rule

FortiNDR Cloud v2024.4+ 

Detection Rule Name

Category

Primary MITRE ID

FortiGuard Outbreak Alert: C-DATA Web Management Remote Code Execution

Attack: Exploitation 

T1190 - Exploit Public-Facing Application

Playbook

 N/A

Threat hunting

 FortiNDR Cloud users can use the following IOCs from Fortinet to hunt for “C-DATA Web Management System RCE Attack” related activities
IOC source: https://www.fortiguard.com/outbreak-ioc?tag=c%20data%20rce%20attack
Suricata Coverage N/A

Other Fortinet Products

For more details regarding mitigating the vulnerability by utilizing Fortinet products, please refer to  
https://www.fortiguard.com/outbreak-alert/c-data-rce-attack
81
0 Kudos
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.