ET SCAN struts-pwn User-Agent

SID: 2024843Rev: 31 viewsHistory

Sourceet/open

CreatedOctober 16, 2017

UpdatedAugust 13, 2020

Classificationattempted-user

alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET SCAN struts-pwn User-Agent"; flow:established,to_server; http.user_agent; content:"struts-pwn"; depth:10; fast_pattern; reference:url,github.com/mazen160/struts-pwn_CVE-2017-9805/blob/master/struts-pwn.py; reference:cve,2017-9805; reference:url,paladion.net/paladion-cyber-labs-discovers-a-new-ransomware/; classtype:attempted-user; sid:2024843; rev:3; metadata:affected_product Apache_Struts2, attack_target Web_Server, created_at 2017_10_16, cve CVE_2017_9805, deployment Datacenter, performance_impact Moderate, confidence High, signature_severity Minor, tag CISA_KEV, updated_at 2020_08_13;)

References

url	github.com/mazen160/struts-pwn_CVE-2017-9805/blob/master/struts-pwn.py
cve	2017-9805
url	paladion.net/paladion-cyber-labs-discovers-a-new-ransomware/

Metadata

affected productApache_Struts2

attack targetWeb_Server

created at2017_10_16

cveCVE-2017-9805

deploymentDatacenter

performance impactModerate

confidenceHigh

signature severityMinor

tagCISA_KEV

updated at2020_08_13

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!