This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.
This signature detects an attempt to leverage an arbitrary file upload vulnerability in Kaseya uploadImage components which could result in arbitrary code execution.
Kaseya is a remote-management software.
The application is prone to a vulnerability that lets attackers upload arbitrary files. The issue occurs because the application fails to properly validate file extensions when uploading through the '/SystemTab/UploadImage.asp' script.
An attacker may leverage this issue to upload arbitrary files to the affected computer; this can result in arbitrary code execution within the context of the vulnerable application.
- Versions prior to Kaseya 22.214.171.124 are vulnerable.