ET EXPLOIT Eir D1000 Modem CWMP Exploit Retrieving Wifi Key

SID: 2023549Rev: 50 viewsHistory

Sourceet/open

CreatedNovember 28, 2016

UpdatedOctober 7, 2020

Classificationtrojan-activity

alert http any any -> any [5555,7547] (msg:"ET EXPLOIT Eir D1000 Modem CWMP Exploit Retrieving Wifi Key"; flow:to_server,established; http.header; content:"urn|3a|dslforum-org|3a|service|3a|Time|3a|1#SetNTPServers"; nocase; fast_pattern; http.request_body; content:"|3c 75 3a 47 65 74 53 65 63 75 72 69 74 79 4b 65 79 73|"; reference:url,devicereversing.wordpress.com/2016/11/07/eirs-d1000-modem-is-wide-open-to-being-hacked/; reference:md5,a19d5b596992407796a33c5e15489934; classtype:trojan-activity; sid:2023549; rev:5; metadata:affected_product Eir_D1000_Modem, attack_target Networking_Equipment, created_at 2016_11_28, deployment Perimeter, performance_impact Low, confidence High, signature_severity Major, updated_at 2020_10_07;)

References

url	devicereversing.wordpress.com/2016/11/07/eirs-d1000-modem-is-wide-open-to-being-hacked/
md5	a19d5b596992407796a33c5e15489934 Google Search Brave Search

Metadata

affected productEir_D1000_Modem

attack targetNetworking_Equipment

created at2016_11_28

deploymentPerimeter

performance impactLow

confidenceHigh

signature severityMajor

updated at2020_10_07

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!