ATTACK [PTsecurity] Apache Continuum <= v1.4.2 CMD Injection

SID: 10000048Rev: 333 views
History
Sourceptrules/open
CreatedJuly 24, 2025
UpdatedJuly 24, 2025
Classificationattempted-admin
alert http any any -> any any (msg:"ATTACK [PTsecurity] Apache Continuum <= v1.4.2 CMD Injection"; content:"POST"; http_method; content:"/continuum/saveInstallation.action"; offset:0; depth:34; http_uri; content:"installation.varValue="; nocase; http_client_body; pcre:"/^[^&]*(?:\x60|%60|\x7c|%7c|\x3b|%3b|\x24\x28|%24%28|\x24\x7b|%24%7b|%0a)/iRP"; flow:to_server, established; reference:url, exploit-db.com/exploits/39886; reference:url, rules.ptsecurity.com; classtype:attempted-admin; sid:10000048; rev:3;)

References

urlexploit-db.com/exploits/39886
urlrules.ptsecurity.com

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!