RCE Bypass · Issue #4112 · coreruleset/coreruleset · GitHub

8000 RCE Bypass · Issue #4112 · coreruleset/coreruleset · GitHub

More Web Proxy on the site http://driver.im/

RCE Bypass #4112

Open

Open

RCE Bypass#4112

Labels

➖ False Negative - Evasion

Description

Payload:

\id

\``command`

How to reproduce the misbehavior (-> curl call)

curl -H "x-format-output: txt-matched-rules" "https://sandbox.coreruleset.org/?test=%5Cid" -H "x-crs-version: nightly" -H "x-crs-paranoia-level: 4"

curl -H "x-format-output: txt-matched-rules" "https://sandbox.coreruleset.org/?test=%5C%60%60command%60" -H "x-crs-version: nightly"

Metadata

Assignees

No one assigned

Labels

➖ False Negative - Evasion

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

0