Rule History

SID: 2011669 • Source: et/open

Versions (2)

Version DetailsCurrent

Rev: 6 • Jul 30, 2010, 12:00 PM

Message:

ET EXPLOIT Linksys WAP54G debug.cgi Shell Access as Gemtek

Rule:

alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET EXPLOIT Linksys WAP54G debug.cgi Shell Access as Gemtek"; flow:established,to_server; http.uri; content:"/debug.cgi"; http.header; content:"Authorization|3a 20|Basic R2VtdGVrOmdlbXRla3N3ZA==|0d 0a|"; reference:url,seclists.org/fulldisclosure/2010/Jun/176; classtype:attempted-admin; sid:2011669; rev:6; metadata:created_at 2010_07_30, signature_severity Major, updated_at 2020_09_03;)

Created:

Jul 30, 2010, 12:00 PM

Updated:

Sep 3, 2020, 12:00 PM

DB Created:

Sep 21, 2024, 3:00 AM

DB Updated:

May 30, 2025, 12:04 AM

Filename:

rules/emerging-exploit.rules