ET EXPLOIT Sangoma Asterisk Originate AMI RCE (CVE-2019-18610) (PoC Based)

SID: 2035014Rev: 20 viewsHistory

Sourceet/open

CreatedJanuary 28, 2022

UpdatedJanuary 28, 2022

Classificationattempted-admin

alert tcp any any -> any any (msg:"ET EXPLOIT Sangoma Asterisk Originate AMI RCE (CVE-2019-18610) (PoC Based)"; content:"Action|3a 20|Originate"; nocase; distance:0; fast_pattern; content:"Data|3a|"; nocase; distance:0; content:"|20|/tmp/"; nocase; within:45; reference:cve,2019-18610; classtype:attempted-admin; sid:2035014; rev:2; metadata:created_at 2022_01_28, cve CVE_2019_18610, deployment Perimeter, deployment Internal, confidence Medium, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2022_01_28;)

References

cve	2019-18610

Metadata

created at2022_01_28

cveCVE-2019-18610

deploymentInternal

confidenceMedium

signature severityMajor

tagDescription_Generated_By_Proofpoint_Nexus

updated at2022_01_28

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!