Baseline handler Shell Command Injection execution of shell commands and script interpreters rejects Opera users from Indonesia
Opera/9.80 (Android; Opera Mini/32.0.2254/88.150; U; id) Presto/2.12.423 Version/12.16
"id" here is not the command but the locale.
Any fix or workaround?
Removing the rule or not checking the header is unsafe.
There are a couple of possible workarounds on this one:
1. Exclude this check:
Useful for testing, but not a good idea for production, because this would leave the application open to other vulnerabilities such as shellshock (CVE-2014-6271) and future variants. Go to:
Handler Templates >
User-Agent > (remove args, leave headers) > Code Injection > Add
2. TrafficScript rule:
You could add a TrafficScript rule - make sure it is the top rule, above “Application Firewall”.
This would replace the locale code “id” with “Indonesia” which should work?
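# Write the rewritten value back so the rules that run afterwards see it
http.setHeader( "User-Agent",
   string.replace( http.getHeader( "User-Agent" ),
      "; id) ",
      "; Indonesia) " ) );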
If you have time, could you raise a support ticket for this one? That helps our team track this kind of query.
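An offline model of the rewrite in workaround 2, as an added example (Python, not TrafficScript, and not code from the posts above). It narrows the substitution to the locale slot of a well-formed Opera comment so that any other header value reaches the Application Firewall unchanged. The function name, the pattern and every sample other than the User-Agent quoted in the question are assumptions made for the illustration.

```python
import re

# Assumed shape of the header from the question:
#   Opera/<ver> (<fields>; U; <locale>) <product>/<ver> [<product>/<ver> ...]
# Only the exact locale token "id" in that slot is rewritten.
_OPERA_ID_LOCALE = re.compile(
    r"""^(?P<head>Opera/\d+\.\d+\ \([^()]*;\ U;\ )   # product and comment up to the locale slot
        id                                            # Indonesian locale code
        (?P<tail>\)(?:\ [A-Za-z]+/[\d.]+)+)$          # closing paren, then product/version tokens only
    """,
    re.VERBOSE,
)


def rewrite_locale(user_agent: str) -> str:
    """Return the header with the locale 'id' spelled out, or unchanged.

    Anything that does not match the strict pattern is returned as-is,
    so the firewall's command-injection check still inspects it.
    """
    m = _OPERA_ID_LOCALE.match(user_agent)
    if m is None:
        return user_agent
    return f"{m['head']}Indonesia{m['tail']}"


# Header quoted in the question.
FROM_QUESTION = ("Opera/9.80 (Android; Opera Mini/32.0.2254/88.150; U; id) "
                 "Presto/2.12.423 Version/12.16")

# Constructed samples that must NOT be rewritten.
CONSTRUCTED_UNCHANGED = [
    # different locale: nothing to do
    "Opera/9.80 (Android; Opera Mini/32.0.2254/88.150; U; en) Presto/2.12.423 Version/12.16",
    # extra "; id" after the comment: not a locale, leave it for the firewall
    "Opera/9.80 (Android; U; id) Presto/2.12.423; id",
    # not an Opera header at all
    "tool/1.0 (x; U; id) lib/2.0",
]

if __name__ == "__main__":
    for ua in [FROM_QUESTION, *CONSTRUCTED_UNCHANGED]:
        print(rewrite_locale(ua))
```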