Versions (2)
Version DetailsCurrent
Rev: 4 • Sep 9, 2019, 12:00 PMET EXPLOIT HiSilicon DVR - Buffer Overflow in Builtin Web Server
alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET EXPLOIT HiSilicon DVR - Buffer Overflow in Builtin Web Server"; flow:established,to_server; urilen:>200; http.start; content:"GET|20 01 10 8f e2 11 ff|"; depth:10; fast_pattern; content:"aaaaaaaa"; distance:0; reference:url,github.com/tothi/pwn-hisilicon-dvr/blob/master/pwn_hisilicon_dvr.py; classtype:attempted-admin; sid:2027972; rev:4; metadata:affected_product DVR, attack_target IoT, created_at 2019_09_09, deployment Perimeter, confidence High, signature_severity Major, updated_at 2020_09_03;)
Sep 9, 2019, 12:00 PM
Sep 3, 2020, 12:00 PM
Sep 9, 2019, 12:00 PM
May 31, 2024, 9:00 PM
rules/emerging-exploit.rules