alert http any any -> [$HOME_NET,$HTTP_SERVERS] any (msg:"ET INFO Suspicious POST to Axis OS (smtptest.cgi)"; flow:established,to_server; http.method; content:"POST"; http.uri; content:"/axis-cgi/smtptest.cgi"; fast_pattern; reference:url,nozominetworks.com/blog/new-axis-os-security-research-aided-by-transparent-design/; reference:cve,2021-31986; classtype:bad-unknown; sid:2034130; rev:2; metadata:attack_target Server, created_at 2021_10_06, cve CVE_2021_31986, deployment Perimeter, deployment Internal, performance_impact Low, confidence High, signature_severity Informational, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2023_04_24;)