ET EXPLOIT Observed Orange LiveBox Router Information Leakage Attempt (CVE-2018-20377)

SID: 2029091Rev: 20 viewsHistory

Sourceet/open

CreatedDecember 3, 2019

UpdatedMarch 24, 2022

Classificationtrojan-activity

alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET EXPLOIT Observed Orange LiveBox Router Information Leakage Attempt (CVE-2018-20377)"; flow:established,to_server; http.request_line; content:"GET|20|"; startswith; content:"/get_getnetworkconf.cgi|20|HTTP/1.1"; fast_pattern; endswith; http.header_names; content:!"Referer"; reference:url,badpackets.net/over-19000-orange-livebox-adsl-modems-are-leaking-their-wifi-credentials; reference:cve,2018-20377; classtype:trojan-activity; sid:2029091; rev:2; metadata:affected_product Router, attack_target Client_Endpoint, created_at 2019_12_03, cve CVE_2018_20377, deployment Perimeter, signature_severity Major, updated_at 2022_03_24, reviewed_at 2024_02_20;)

References

url	badpackets.net/over-19000-orange-livebox-adsl-modems-are-leaking-their-wifi-credentials
cve	2018-20377

Metadata

affected productRouter

attack targetClient_Endpoint

created at2019_12_03

cveCVE-2018-20377

deploymentPerimeter

signature severityMajor

updated at2022_03_24

reviewed at2024_02_20

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!