Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology
Answers

Questions about WP vulnerability CVE-2018-12895

Hi All - Do we know if F5 ASM has ability to detect and block exploits related to WP vulnerability.

The CVE is CVE-2018-12895 -

  1. *https://blog.ripstech.com/2018/wordpress-file-delete-to-code-execution/ The folks who discovered it. Claims WP has known about this for 7 months and still hasn’t alerted the public. Contains all technical details 2 https://nvd.nist.gov/vuln/detail/CVE-2018-12895

Please let us know what we can do to protect our sites.

Thanks so much !

0
Rate this Question

Answers to this Question

placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

ASM standard directory traversal attack signatures will provide built-in protection from CVE-2018-12895. WordPress v4.9.8 is now out with a fix for this vulnerability.

0