ET EXPLOIT Furukawa Electric ConsciusMAP 2.8.1 Java Deserialization Remote Code Execution (CVE-2020-12133)

SID: 2034260Rev: 20 viewsHistory

Sourceet/open

CreatedOctober 27, 2021

UpdatedApril 6, 2023

Classificationattempted-admin

alert http any any -> [$HOME_NET,$HTTP_SERVERS] 8080 (msg:"ET EXPLOIT Furukawa Electric ConsciusMAP 2.8.1 Java Deserialization Remote Code Execution (CVE-2020-12133)"; flow:established,to_server; http.method; content:"POST"; bsize:4; http.uri; pcre:"/\x2f(?:FURUKAWA|APROS)\x2f/i"; http.request_body; content:"javax.faces.ViewState"; nocase; fast_pattern; content:"|3a|"; distance:0; content:"|22|"; distance:0; reference:url,packetstormsecurity.com/files/157383/Furukawa-Electric-ConsciusMAP-2.8.1-Java-Deserialization-Remote-Code-Execution.html; reference:cve,2020-12133; classtype:attempted-admin; sid:2034260; rev:2; metadata:created_at 2021_10_27, cve CVE_2020_12133, confidence High, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2023_04_06, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1190, mitre_technique_name Exploit_Public_Facing_Application;)

References

url	packetstormsecurity.com/files/157383/Furukawa-Electric-ConsciusMAP-2.8.1-Java-Deserialization-Remote-Code-Execution.html
cve	2020-12133

Metadata

created at2021_10_27

cveCVE-2020-12133

confidenceHigh

signature severityMajor

tagDescription_Generated_By_Proofpoint_Nexus

updated at2023_04_06

mitre tactic idTA0001

mitre tactic nameInitial_Access

mitre technique idT1190

mitre technique nameExploit_Public_Facing_Application

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!