Versions (6)
Version DetailsCurrent
Rev: 5 • Jul 24, 2025, 5:44 PMATTACK [PTsecurity] rConfig ajaxServerSettingsChk.php unauth RCE (CVE-2019-16662)
alert http any any -> any any (msg:"ATTACK [PTsecurity] rConfig ajaxServerSettingsChk.php unauth RCE (CVE-2019-16662)"; flow:established, to_server; content:"ajaxserversettingschk.php"; http_uri; nocase; pcre:"/(?:\x3b|\x26|\x7C|%3b|%7c|%26)/iRU"; reference:url, shells.systems/rconfig-v3-9-2-authenticated-and-unauthenticated-rce-cve-2019-16663-and-cve-2019-16662; reference:cve, 2019-16662; reference:url, rules.ptsecurity.com; classtype:attempted-admin; sid:10005501; rev:5;)
Jul 24, 2025, 5:44 PM
Jul 24, 2025, 5:44 PM
Oct 16, 2025, 10:34 AM
Oct 16, 2025, 10:34 AM
rules/ptopen-attacks.rules