SoftGuard is a network management extension which collects inventory, analysis, and debugging data of devices and networks.
SoftGuard Web could allow a remote authenticated attacker to obtain sensitive information, caused by insufficient validation of user-supplied input by the export function and built-in man functionality in the SNMP Network Management Extension component.
By sending a specially crafted request the attacker is able to define the complete path and the filename allowing them to read any arbitrary local file.
PAYLOAD - act=1&x=/etc/passwd&submit=Execute
By turning this into a traffic file and matching rule, we are able to detect attempts to download arbitrary files onto the system, to launch attacks.
Idappcom has created signature 8022802 along with a traffic file.
If you are concerned that your business may be at risk of this vulnerability, or others, why not try out our Traffic IQ software which can scan your defences and report any issues. Learn more here: https://www.idappcom.co.uk/traffic-iq-professional