ET EXPLOIT Possible Uniview IPC2322lb updatecpld Restricted Shell Bypass Attempt

SID: 2051785Rev: 160 viewsHistory

Sourceet/open

CreatedMarch 25, 2024

UpdatedMarch 25, 2024

Classificationbad-unknown

alert tcp any any -> $HOME_NET 23 (msg:"ET EXPLOIT Possible Uniview IPC2322lb updatecpld Restricted Shell Bypass Attempt"; flow:established,to_server; content:"User|40 2f|"; content:">updatecpld "; nocase; within:30; fast_pattern; reference:url,ssd-disclosure.com/ssd-advisory-uniview-ipc2322lb-auth-bypass-and-cli-escape/; classtype:bad-unknown; sid:2051785; rev:1; metadata:affected_product IoT, attack_target IoT, tls_state plaintext, created_at 2024_03_25, deployment Perimeter, confidence Low, signature_severity Major, updated_at 2024_03_25; target:dest_ip;)

References

url	ssd-disclosure.com/ssd-advisory-uniview-ipc2322lb-auth-bypass-and-cli-escape/

Metadata

affected productIoT

attack targetIoT

tls stateplaintext

created at2024_03_25

deploymentPerimeter

confidenceLow

signature severityMajor

updated at2024_03_25

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!