Versions (3)
Version DetailsCurrent
Rev: 2 • Apr 14, 2016, 12:00 PMET EXPLOIT Open MGate Device
alert tcp any !80 -> $HOME_NET any (msg:"ET EXPLOIT Open MGate Device"; flow:established,from_server; content:"Model name|20|"; pcre:"/^\x20+\x3a\x20MGate/R"; content:"|0d 00 0a|MAC address|20|"; distance:0; pcre:"/^\x20+\x3a\x20(?:[0-9A-F]{2}\x3a){5}[0-9A-F]{2}\x0d\x00\x0a/R"; classtype:successful-admin; sid:2022732; rev:2; metadata:created_at 2016_04_14, signature_severity Major, updated_at 2019_07_26;)
Apr 14, 2016, 12:00 PM
Jul 26, 2019, 12:00 PM
Sep 21, 2024, 3:00 AM
May 30, 2025, 12:04 AM
rules/emerging-exploit.rules