ET EXPLOIT Possible Zavio IP Camera OS Command Injection Attempt Inbound (CVE-2013-2568)

SID: 2038502Rev: 10 viewsHistory

Sourceet/open

CreatedAugust 12, 2022

UpdatedAugust 12, 2022

Classificationattempted-admin

alert http any any -> [$HOME_NET,$HTTP_SERVERS] any (msg:"ET EXPLOIT Possible Zavio IP Camera OS Command Injection Attempt Inbound (CVE-2013-2568)"; flow:established,to_server; http.uri; content:"/cgi-bin/mft/"; startswith; fast_pattern; content:"ap="; distance:0; content:"|3b|"; distance:0; pcre:"/[?&]ap=/U"; reference:cve,2013-2568; classtype:attempted-admin; sid:2038502; rev:1; metadata:attack_target Networking_Equipment, created_at 2022_08_12, cve CVE_2013_2568, deployment Perimeter, deployment Internal, confidence High, signature_severity Major, updated_at 2022_08_12, mitre_tactic_id TA0008, mitre_tactic_name Lateral_Movement, mitre_technique_id T1210, mitre_technique_name Exploitation_Of_Remote_Services;)

References

cve

2013-2568

Metadata

attack targetNetworking_Equipment

created at2022_08_12

cveCVE-2013-2568

deploymentInternal

confidenceHigh

signature severityMajor

updated at2022_08_12

mitre tactic idTA0008

mitre tactic nameLateral_Movement

mitre technique idT1210

mitre technique nameExploitation_Of_Remote_Services

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!