These alerts are triggered when detecting the injection of malicious Object-Graph Navigation Language (OGNL) expressions in an HTTP request. OGNL is an expression language used by the Apache Struts framework. These alerts are triggered when an adversary is attempting to gain unauthorized access or execute malicious commands on the server by exploiting the following vulnerabilities CVE-2018-11776, CVE-2013-2134, and CVE-2013-2135.
This alert is triggered when detecting an attempt to download or transfer the EICAR test file. The EICAR test string is used to test the responsiveness of computer antivirus programs. It poses no security risk but triggers antivirus software in the same manner as a real virus. This alert may be triggered when an adversary is attempting to test the effectiveness or presence of an antivirus solution on a system by trying to download or transfer the EICAR test string.
This alert is triggered when detecting an attempt to access the Adobe ColdFusion administration interface. Adobe ColdFusion is a powerful web application development platform. This alert may be triggered when an adversary is attempting to gain unauthorized access to the ColdFusion admin interface.
These alerts are triggered when detecting an attempt to exploit the Bash Shellshock vulnerability via CGI scripts on a web server. The Bash Shellshock vulnerability is a severe security flaw in the Unix Bash shell that, when exploited, allows an attacker to execute arbitrary commands on a vulnerable system, potentially gaining unauthorized access or control.
These alerts are triggered when detecting an attempt to exploit the Bash Shellshock vulnerability via CGI scripts on a web server. The Bash Shellshock vulnerability is a severe security flaw in the Unix Bash shell that, when exploited, allows an attacker to execute arbitrary commands on a vulnerable system, potentially gaining unauthorized access or control.