Versions (2)
Version DetailsCurrent
Rev: 3 • May 5, 2017, 12:00 PMET WEB_SPECIFIC_APPS Wordpress Host Header Injection (CVE-2016-10033) M2
alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Wordpress Host Header Injection (CVE-2016-10033) M2"; flow:to_server,established; http.uri; content:"action=lostpassword"; nocase; fast_pattern; http.header; pcre:"/^Host\x3a[^\r\n]+?[\x28\x29\x27\x22\x7b\x7d]/mi"; reference:url,exploitbox.io/vuln/WordPress-Exploit-4-6-RCE-CODE-EXEC-CVE-2016-10033.html; classtype:web-application-attack; sid:2024278; rev:3; metadata:affected_product Wordpress, attack_target Web_Server, created_at 2017_05_05, cve CVE_2016_10033, deployment Perimeter, signature_severity Major, updated_at 2020_08_05;)
May 5, 2017, 12:00 PM
Aug 5, 2020, 12:00 PM
May 5, 2017, 12:00 PM
May 31, 2024, 9:00 PM
rules/emerging-web_specific_apps.rules