Versions (2)
Version DetailsCurrent
Rev: 1 • Feb 6, 2024, 12:00 PMET WEB_SPECIFIC_APPS Wordpress 3DPrint Lite Plugin Arbitrary File Upload Attempt - PHP webshell Payload (CVE-2021-4436)
alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET WEB_SPECIFIC_APPS Wordpress 3DPrint Lite Plugin Arbitrary File Upload Attempt - PHP webshell Payload (CVE-2021-4436)"; flow:established,to_server; http.method; content:"POST"; http.uri; content:"?action=p3dlite_handle_upload"; endswith; fast_pattern; reference:cve,2021-4436; classtype:trojan-activity; sid:2050738; rev:1; metadata:affected_product Wordpress_Plugins, attack_target Web_Server, created_at 2024_02_06, cve CVE_2021_4436, deployment Perimeter, deployment SSLDecrypt, confidence High, signature_severity Major, updated_at 2024_02_06; target:dest_ip;)
Feb 6, 2024, 12:00 PM
Feb 6, 2024, 12:00 PM
Feb 6, 2024, 11:00 PM
Feb 6, 2024, 11:00 PM
rules/emerging-web_specific_apps.rules