ATTACK [PTsecurity] Magento < 2.0.6 Arbitrary write file

SID: 10000042Rev: 11 views

Sourceptresearch/attackdetection

CreatedDecember 13, 2021

UpdatedDecember 13, 2021

Classificationweb-application-attack

alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ATTACK [PTsecurity] Magento < 2.0.6 Arbitrary write file"; content:"rest/V1/guest-carts/"; http_raw_uri; content:"set-payment-information"; http_raw_uri; fast_pattern; content:"|5C 75 30 30 30 30|"; content:"Magento\\\\Sales\\\\Model\\\\Order\\\\Payment\\\\Transaction"; reference:cve, 2016-4010; reference:url, netanelrub.in/2016/05/17/magento-unauthenticated-remote-code-execution; classtype:web-application-attack; reference:url, github.com/ptresearch/AttackDetection; sid:10000042; rev:1;)

References

cve	2016-4010
url	netanelrub.in/2016/05/17/magento-unauthenticated-remote-code-execution
url	github.com/ptresearch/AttackDetection

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!