ET WEB_SPECIFIC_APPS Hoverfly Arbitrary File Read via Traversal Attempt Inbound (CVE-2024-45388)

SID: 2055977Rev: 157 views

Sourceet/open

CreatedSeptember 19, 2024

UpdatedSeptember 19, 2024

Classificationweb-application-attack

alert http any any -> [$HOME_NET,$HTTP_SERVERS] any (msg:"ET WEB_SPECIFIC_APPS Hoverfly Arbitrary File Read via Traversal Attempt Inbound (CVE-2024-45388)"; flow:established,to_server; http.uri; content:"/api/v2/simulation"; fast_pattern; http.request_body; content:"|22|bodyFile|22 3a 20 22|"; pcre:"/^.{0,10}(?:(?:\x2e|%2[Ee]){1,}(?:(?:\x2f|%2[Ee])|(?:\x5c|%5[Cc]))){2,}/R"; reference:cve,2024-45388; classtype:web-application-attack; sid:2055977; rev:1; metadata:affected_product Hoverfly, attack_target Server, created_at 2024_09_19, cve CVE_2024_45388, deployment Perimeter, deployment Internal, confidence High, signature_severity Major, tag Exploit, updated_at 2024_09_19, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1190, mitre_technique_name Exploit_Public_Facing_Application; target:dest_ip;)

References

cve	2024-45388

Metadata

affected productHoverfly

attack targetServer

created at2024_09_19

cveCVE-2024-45388

deploymentInternal

confidenceHigh

signature severityMajor

tagExploit

updated at2024_09_19

mitre tactic idTA0001

mitre tactic nameInitial_Access

mitre technique idT1190

mitre technique nameExploit_Public_Facing_Application

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!