Versions (2)
Version DetailsCurrent
Rev: 1 • Jun 25, 2024, 12:00 PMET WEB_SPECIFIC_APPS Fanwei eMobile File Upload Vulnerability
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET WEB_SPECIFIC_APPS Fanwei eMobile File Upload Vulnerability"; flow:established,to_server; http.method; content:"POST"; http.uri; urilen:38; content:"/emp/lang2sql?client_type=1&lang_tag=1"; fast_pattern; http.content_type; content:"multipart/form-data|3b 20|"; startswith; reference:url,github.com/wy876/wiki/blob/main/%E5%85%A8%E7%A8%8B%E4%BA%91OA-svc.asmxSQL%E6%B3%A8%E5%85%A5%E6%BC%8F%E6%B4%9E.md; classtype:trojan-activity; sid:2053878; rev:1; metadata:affected_product Fanwei, attack_target Client_Endpoint, tls_state TLSDecrypt, created_at 2024_06_25, deployment Perimeter, confidence Medium, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_06_25;)
Jun 25, 2024, 12:00 PM
Jun 25, 2024, 12:00 PM
Jun 25, 2024, 10:01 PM
Aug 11, 2025, 10:35 PM
rules/emerging-web_specific_apps.rules