Skip to content

Hide Navigation Hide TOC

Potential CommandLine Path Traversal Via Cmd.EXE (087790e3-3287-436c-bccf-cbd0184a7db1)

Detects potential path traversal attempt via cmd.exe. Could indicate possible command/argument confusion/hijacking

Cluster A Galaxy A Cluster B Galaxy B Level
Potential CommandLine Path Traversal Via Cmd.EXE (087790e3-3287-436c-bccf-cbd0184a7db1) Sigma-Rules Windows Command Shell - T1059.003 (d1fcf083-a721-4223-aedf-bf8960798d62) Attack Pattern 1
Command and Scripting Interpreter - T1059 (7385dfaf-6886-4229-9ecd-6fd678040830) Attack Pattern Windows Command Shell - T1059.003 (d1fcf083-a721-4223-aedf-bf8960798d62) Attack Pattern 2