Versions (4)
Version DetailsCurrent
Rev: 1 • Dec 2, 2022, 12:00 PMET EXPLOIT Xiongmai/HiSilicon DVR - Successful Telnet Opening - Successful CVE-2020-22253 Attempt
alert tcp-pkt $HOME_NET 9530 -> any any (msg:"ET EXPLOIT Xiongmai/HiSilicon DVR - Successful Telnet Opening - Successful CVE-2020-22253 Attempt"; flow:established,to_client; flowbits:isset,ET.CVE-2020-22253; flowbits:isset,ET.CVE-2020-22253_stage2; content:"Open:OK"; reference:url,habr.com/en/post/486856/; reference:url,vulncheck.com/blog/xiongmai-iot-exploitation; reference:url,github.com/tothi/hs-dvr-telnet; reference:cve,2020-22253; classtype:successful-admin; sid:2041648; rev:1; metadata:attack_target IoT, created_at 2022_12_02, cve CVE_2020_22253, confidence High, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2022_12_02;)
Dec 2, 2022, 12:00 PM
Dec 2, 2022, 12:00 PM
Sep 21, 2024, 3:00 AM
Aug 27, 2025, 9:35 PM
rules/emerging-exploit.rules