Versions (4)
Version DetailsCurrent
Rev: 2 • Oct 6, 2021, 12:00 PMET INFO Suspicious POST to Axis OS (smtptest.cgi)
alert http any any -> [$HOME_NET,$HTTP_SERVERS] any (msg:"ET INFO Suspicious POST to Axis OS (smtptest.cgi)"; flow:established,to_server; http.method; content:"POST"; http.uri; content:"/axis-cgi/smtptest.cgi"; fast_pattern; reference:url,nozominetworks.com/blog/new-axis-os-security-research-aided-by-transparent-design/; reference:cve,2021-31986; classtype:bad-unknown; sid:2034130; rev:2; metadata:attack_target Server, created_at 2021_10_06, cve CVE_2021_31986, deployment Perimeter, deployment Internal, performance_impact Low, confidence High, signature_severity Informational, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2023_04_24;)
Oct 6, 2021, 12:00 PM
Apr 24, 2023, 12:00 PM
Sep 21, 2024, 3:00 AM
Sep 8, 2025, 9:34 PM
rules/emerging-info.rules