ATTACK [PTsecurity] rConfig ajaxServerSettingsChk.php unauth RCE (CVE-2019-16662)

SID: 10005501Rev: 40 views

Sourceptresearch/attackdetection

CreatedDecember 13, 2021

UpdatedDecember 13, 2021

Classificationattempted-admin

alert http any any -> any any (msg:"ATTACK [PTsecurity] rConfig ajaxServerSettingsChk.php unauth RCE (CVE-2019-16662)"; flow:established, to_server; content:"ajaxserversettingschk.php"; http_uri; nocase; pcre:"/(?:\x3b|\x26|\x7C|%3b|%7c|%26)/iRU"; reference:url, shells.systems/rconfig-v3-9-2-authenticated-and-unauthenticated-rce-cve-2019-16663-and-cve-2019-16662; reference:cve, 2019-16662; reference:url, github.com/ptresearch/AttackDetection; classtype:attempted-admin; sid:10005501; rev:4;)

References

url	shells.systems/rconfig-v3-9-2-authenticated-and-unauthenticated-rce-cve-2019-16663-and-cve-2019-16662
cve	2019-16662
url	github.com/ptresearch/AttackDetection

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!