ET EXPLOIT PTZOptics PT30X Successful Authentication Bypass (CVE-2024-8956)

SID: 2057227Rev: 210 viewsHistory

Sourceet/open

CreatedNovember 4, 2024

UpdatedNovember 26, 2024

Classificationsuccessful-admin

alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET EXPLOIT PTZOptics PT30X Successful Authentication Bypass (CVE-2024-8956)"; flow:established,to_client; flowbits:isset,ET.2024.8956; http.response_body; bsize:33; content:"|7b 22|Response|22 3a 7b 22|Result|22 3a 22|Success|22 7d 7d|"; fast_pattern; reference:cve,2024-8956; reference:url,nvd.nist.gov/vuln/detail/CVE-2024-8956; reference:url,labs.greynoise.io/grimoire/2024-10-31-sift-0-day-rce; classtype:successful-admin; sid:2057227; rev:2; metadata:affected_product IP_Camera, created_at 2024_11_04, cve CVE_2024_8956, deployment Perimeter, deployment Internal, deployment SSLDecrypt, confidence High, signature_severity Major, tag CISA_KEV, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_11_26, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1190, mitre_technique_name Exploit_Public_Facing_Application; target:dest_ip;)

References

cve	2024-8956
url	nvd.nist.gov/vuln/detail/CVE-2024-8956
url	labs.greynoise.io/grimoire/2024-10-31-sift-0-day-rce

Metadata

affected productIP_Camera

created at2024_11_04

cveCVE-2024-8956

deploymentSSLDecrypt

confidenceHigh

signature severityMajor

tagDescription_Generated_By_Proofpoint_Nexus

updated at2024_11_26

mitre tactic idTA0001

mitre tactic nameInitial_Access

mitre technique idT1190

mitre technique nameExploit_Public_Facing_Application

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!