ET EXPLOIT SEOWON INTECH SLC-130 RCE Inbound (No CVE)

SID: 2035952Rev: 20 views
History
Sourceet/open
CreatedApril 14, 2022
UpdatedMarch 10, 2023
Classificationattempted-admin
alert http any any -> [$HOME_NET,$HTTP_SERVERS] any (msg:"ET EXPLOIT SEOWON INTECH SLC-130 RCE Inbound (No CVE)"; flow:to_server,established; http.method; content:"POST"; http.request_body; content:"&queriesCnt="; fast_pattern; pcre:"/^(?:\x3b|\x0a|\x26|\x60|\x7C|\x24)/R"; classtype:attempted-admin; sid:2035952; rev:2; metadata:attack_target Networking_Equipment, created_at 2022_04_14, deployment Perimeter, deployment Internal, confidence High, signature_severity Major, updated_at 2023_03_10;)

Metadata

attack targetNetworking_Equipment
created at2022_04_14
deploymentInternal
confidenceHigh
signature severityMajor
updated at2023_03_10

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!