alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET EXPLOIT Quanta LTE Router RDE Exploit Attempt 1 (ping)"; flow:to_server,established; content:"POST"; http_method; content:"/webpost.cgi"; http_uri; content:"|7b 22 43 66 67 54 79 70 65 22 3a 22 70 69 6e 67 22 2c 22 63 6d 64 22 3a 22 70 69 6e 67 22 2c 22 75 72 6c 22 3a 22|"; http_client_body; fast_pattern; pcre:"/^[^\x22]*[\x24\x60]+/PRi"; reference:url,pierrekim.github.io/blog/2016-04-04-quanta-lte-routers-vulnerabilities.html; classtype:attempted-admin; sid:2022700; rev:2; metadata:created_at 2016_04_05, updated_at 2020_06_30;)

Added 2020-06-30 18:28:25 UTC


alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET EXPLOIT Quanta LTE Router RDE Exploit Attempt 1 (ping)"; flow:to_server,established; content:"POST"; http_method; content:"/webpost.cgi"; http_uri; content:"|7b 22 43 66 67 54 79 70 65 22 3a 22 70 69 6e 67 22 2c 22 63 6d 64 22 3a 22 70 69 6e 67 22 2c 22 75 72 6c 22 3a 22|"; http_client_body; fast_pattern; pcre:"/^[^\x22]*[\x24\x60]+/PRi"; reference:url,pierrekim.github.io/blog/2016-04-04-quanta-lte-routers-vulnerabilities.html; classtype:attempted-admin; sid:2022700; rev:2; metadata:created_at 2016_04_05, updated_at 2016_04_05;)

Added 2018-09-13 19:52:28 UTC


Added 2018-09-13 18:00:51 UTC


alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET EXPLOIT Quanta LTE Router RDE Exploit Attempt 1 (ping)"; flow:to_server,established; content:"POST"; http_method; content:"/webpost.cgi"; http_uri; content:"|7b 22 43 66 67 54 79 70 65 22 3a 22 70 69 6e 67 22 2c 22 63 6d 64 22 3a 22 70 69 6e 67 22 2c 22 75 72 6c 22 3a 22|"; http_client_body; fast_pattern; pcre:"/^[^\x22]*[\x24\x60]+/PRi"; reference:url,pierrekim.github.io/blog/2016-04-04-quanta-lte-routers-vulnerabilities.html; classtype:attempted-admin; sid:2022700; rev:2; metadata:created_at 2016_04_05, updated_at 2016_04_05;)

Added 2017-08-07 21:17:39 UTC


alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET EXPLOIT Quanta LTE Router RDE Exploit Attempt 1 (ping)"; flow:to_server,established; content:"POST"; http_method; content:"/webpost.cgi"; http_uri; content:"|7b 22 43 66 67 54 79 70 65 22 3a 22 70 69 6e 67 22 2c 22 63 6d 64 22 3a 22 70 69 6e 67 22 2c 22 75 72 6c 22 3a 22|"; http_client_body; fast_pattern; pcre:"/^[^\x22]*[\x24\x60]+/PRi"; reference:url,pierrekim.github.io/blog/2016-04-04-quanta-lte-routers-vulnerabilities.html; classtype:attempted-admin; sid:2022700; rev:2;)

Added 2016-04-05 17:59:30 UTC



This topic: Main > 2022700
Topic revision: r1 - 2020-06-30 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats