ET WEB_SPECIFIC_APPS Wordpress Host Header Injection (CVE-2016-10033) M3

SID: 2024279Rev: 30 views
History
Sourceet/open
CreatedMay 5, 2017
UpdatedAugust 5, 2020
Classificationweb-application-attack
alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Wordpress Host Header Injection (CVE-2016-10033) M3"; flow:to_server,established; http.header; content:"substr{"; nocase; fast_pattern; pcre:"/^Host\x3a[^\r\n]+?[\x28\x29\x27\x22\x7b\x7d]/mi"; reference:url,exploitbox.io/vuln/WordPress-Exploit-4-6-RCE-CODE-EXEC-CVE-2016-10033.html; classtype:web-application-attack; sid:2024279; rev:3; metadata:affected_product Wordpress, attack_target Web_Server, created_at 2017_05_05, cve CVE_2016_10033, deployment Perimeter, signature_severity Major, updated_at 2020_08_05;)

References

urlexploitbox.io/vuln/WordPress-Exploit-4-6-RCE-CODE-EXEC-CVE-2016-10033.html

Metadata

affected productWordpress
attack targetWeb_Server
created at2017_05_05
deploymentPerimeter
signature severityMajor
updated at2020_08_05

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!