alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Apache Struts ognl inbound OGNL injection remote code execution attempt"; flow:to_server,established; content:"${"; http_uri; content:"ognl|2E|"; distance:0; http_uri;fast_pattern; metadata: former_category WEB_SPECIFIC_APPS; reference:cve,2018-11776; classtype:attempted-admin; sid:2026031; rev:1; metadata:affected_product Apache_Struts2, attack_target Server, deployment Datacenter, signature_severity Minor, created_at 2018_08_24, updated_at 2018_08_24;)

Added 2018-09-13 19:55:08 UTC


Added 2018-09-13 18:02:26 UTC


alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Apache Struts ognl inbound OGNL injection remote code execution attempt"; flow:to_server,established; content:"${"; http_uri; content:"ognl|2E|"; distance:0; http_uri;fast_pattern; metadata: former_category WEB_SPECIFIC_APPS; reference:cve,2018-11776; classtype:attempted-admin; sid:2026031; rev:1; metadata:affected_product Apache_Struts2, attack_target Server, deployment Datacenter, signature_severity Minor, created_at 2018_08_24, updated_at 2018_08_24;)

Added 2018-08-24 17:18:08 UTC


Topic revision: r1 - 2018-09-13 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats