ET WEB_SPECIFIC_APPS Wordpress 3DPrint Lite Plugin Arbitrary File Upload Attempt - PHP webshell Payload (CVE-2021-4436) - Suricata Rule 2050738 (et/open)

ET WEB_SPECIFIC_APPS Wordpress 3DPrint Lite Plugin Arbitrary File Upload Attempt - PHP webshell Payload (CVE-2021-4436)

SID: 2050738Rev: 12 viewsHistory

Sourceet/open

CreatedFebruary 6, 2024

UpdatedFebruary 6, 2024

Classificationtrojan-activity

alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET WEB_SPECIFIC_APPS Wordpress 3DPrint Lite Plugin Arbitrary File Upload Attempt - PHP webshell Payload (CVE-2021-4436)"; flow:established,to_server; http.method; content:"POST"; http.uri; content:"?action=p3dlite_handle_upload"; endswith; fast_pattern; reference:cve,2021-4436; classtype:trojan-activity; sid:2050738; rev:1; metadata:affected_product Wordpress_Plugins, attack_target Web_Server, created_at 2024_02_06, cve CVE_2021_4436, deployment Perimeter, deployment SSLDecrypt, confidence High, signature_severity Major, updated_at 2024_02_06; target:dest_ip;)

References

cve

2021-4436

Metadata

affected productWordpress_Plugins

attack targetWeb_Server

created at2024_02_06

cveCVE-2021-4436

deploymentSSLDecrypt

confidenceHigh

signature severityMajor

updated at2024_02_06

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!