Versions (5)
Version DetailsCurrent
Rev: 1 • Sep 6, 2022, 12:00 PMET EXPLOIT NetGear WNR2000v5 Buffer Overflow Attempt Inbound (CVE-2017-6862)
alert http any any -> [$HOME_NET,$HTTP_SERVERS] any (msg:"ET EXPLOIT NetGear WNR2000v5 Buffer Overflow Attempt Inbound (CVE-2017-6862)"; flow:to_server,established; http.method; content:"GET"; http.uri; bsize:>1000; content:"unauth.cgi"; fast_pattern; content:"timestamp="; reference:cve,2017-6862; classtype:attempted-admin; sid:2038736; rev:1; metadata:attack_target Networking_Equipment, created_at 2022_09_06, cve CVE_2017_6862, deployment Perimeter, deployment Internal, confidence High, signature_severity Major, tag CISA_KEV, updated_at 2022_09_06;)
Sep 6, 2022, 12:00 PM
Sep 6, 2022, 12:00 PM
Sep 21, 2024, 3:00 AM
Sep 21, 2024, 3:00 AM
rules/emerging-exploit.rules