WEB VanDyke VShell Server Trigger Command Injection (CVE-2022-28054)

Rule ID

1231299

Severity

Critical

Description

A command injection vulnerability has been reported in VanDyke VShell Server. The vulnerability is caused by insufficient sanitization of input passed to trigger action commands.

Impact

Remote command execution

Recommendation

Update vendor's patch.

IPS Category

Web threats

IPS Anomaly Group

N/A

IPS Rule Default Action

Deny

References

CVE-2022-28054

T1059

T0807

Keywords

N/A

Date Created

2022/06/20

Last Updated

2026/02/03

This website uses cookies to ensure you get the best experience on our website.

Learn more