alert http any any -> any any (msg:"ET EXPLOIT Netgear passwordrecovered.cgi attempt"; flow:to_server,established; http.method; content:"POST"; nocase; http.uri; content:"/passwordrecovered.cgi?id="; nocase; reference:url,www.securityfocus.com/archive/1/530743/30/0/threaded; reference:url,www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2017-003/?fid=8911; reference:cve,2017-5521; classtype:attempted-admin; sid:2017969; rev:5; metadata:created_at 2014_01_15, cve CVE_2017_5521, signature_severity Major, updated_at 2020_08_18;)