ET EXPLOIT Apache RocketMQ Nameserver Arbitrary File Write (CVE-2023-37582)
Sourceet/open
CreatedOctober 27, 2025
UpdatedOctober 27, 2025
Classificationmisc-attack
alert tcp any any -> $HOME_NET any (msg:"ET EXPLOIT Apache RocketMQ Nameserver Arbitrary File Write (CVE-2023-37582)"; flow:established,to_server; content:"|22|code|22 3a|318"; content:"configStorePath|3d|"; content:"productEnvName|3d|"; fast_pattern; reference:url,github.com/Malayke/CVE-2023-37582_EXPLOIT; reference:cve,2023-37582; classtype:misc-attack; sid:2065400; rev:1; metadata:affected_product Apache_RocketMQ, attack_target Networking_Equipment, created_at 2025_10_27, cve CVE_2023_37582, deployment Perimeter, deployment Internal, confidence High, signature_severity Major, updated_at 2025_10_27; target:dest_ip;)
References
Metadata
affected productApache_RocketMQ
attack targetNetworking_Equipment
created at2025_10_27
deploymentInternal
confidenceHigh
signature severityMajor
updated at2025_10_27
Comments (0)
Please sign in to leave a comment.
Sign inNo comments yet. Be the first to comment!