Rule History

alert http $HOME_NET any -> any any (msg:"ET WEB_SPECIFIC_APPS Vulnerable aiohttp Server Version Response (CVE-2024-23334)"; flow:established,to_client; http.server; content:"aiohttp|2f|"; fast_pattern; pcre:"/^(?:1\x2e(?:0\x2e[6-9]|[1-9]\x2e\d)|2\x2e\d\x2e(?:0(?:rc1)?|[1-9]){1,2}|3\x2e[0-6]\x2e[0-1])\x0d\x0a/R"; reference:cve,2024-23334; classtype:web-application-activity; sid:2056093; rev:2; metadata:attack_target Server, tls_state plaintext, created_at 2024_09_24, cve CVE_2024_23334, deployment Perimeter, deployment Internal, performance_impact Low, confidence High, signature_severity Major, tag Exploit, updated_at 2024_09_25, reviewed_at 2025_08_26, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1190, mitre_technique_name Exploit_Public_Facing_Application;)