alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET EXPLOIT AsusWRT? RT-AC750GF Cross-Site Request Forgery"; flow:from_server,established; file_data; content:"

http://router.asus.com/findasus.cgi|22 20|method=|22|POST|22|>"; nocase; content:"name=|22|action_mode|22 20|value=|22|refresh_networkmap|22|"; nocase; distance:0; content:"start_apply.htm?productid="; nocase; distance:0; content:"&current_page=Advanced_System_Content.asp"; nocase; distance:0; content:"&next_page=Advanced_System_Content.asp"; nocase; distance:0; fast_pattern; content:"&action_mode=apply"; nocase; distance:0; content:"&http_username="; nocase; distance:0; content:"&http_passwd="; nocase; distance:0; content:"&sshd_enable="; nocase; distance:0; reference:url,www.exploit-db.com/exploits/44937/; classtype:web-application-attack; sid:2025736; rev:1; metadata:attack_target Networking_Equipment, created_at 2018_06_25, deployment Perimeter, former_category EXPLOIT, signature_severity Major, updated_at 2020_12_03;)

Added 2020-12-04 17:37:14 UTC


alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET EXPLOIT AsusWRT? RT-AC750GF Cross-Site Request Forgery"; flow:from_server,established; file_data; content:"

http://router.asus.com/findasus.cgi|22 20|method=|22|POST|22|>"; nocase; content:"name=|22|action_mode|22 20|value=|22|refresh_networkmap|22|"; nocase; distance:0; content:"start_apply.htm?productid="; nocase; distance:0; content:"&current_page=Advanced_System_Content.asp"; nocase; distance:0; content:"&next_page=Advanced_System_Content.asp"; nocase; distance:0; fast_pattern; content:"&action_mode=apply"; nocase; distance:0; content:"&http_username="; nocase; distance:0; content:"&http_passwd="; nocase; distance:0; content:"&sshd_enable="; nocase; distance:0; reference:url,www.exploit-db.com/exploits/44937/; classtype:web-application-attack; sid:2025736; rev:1; metadata:attack_target Networking_Equipment, created_at 2018_06_25, deployment Perimeter, former_category EXPLOIT, signature_severity Major, updated_at 2020_11_20;)

Added 2020-11-20 19:36:50 UTC


alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET EXPLOIT AsusWRT? RT-AC750GF Cross-Site Request Forgery"; flow:from_server,established; file_data; content:"http://router.asus.com/findasus.cgi|22 20|method=|22|POST|22|>"; nocase; content:"name=|22|action_mode|22 20|value=|22|refresh_networkmap|22|"; nocase; distance:0; content:"start_apply.htm?productid="; nocase; distance:0; content:"&current_page=Advanced_System_Content.asp"; nocase; distance:0; content:"&next_page=Advanced_System_Content.asp"; nocase; distance:0; fast_pattern; content:"&action_mode=apply"; nocase; distance:0; content:"&http_username="; nocase; distance:0; content:"&http_passwd="; nocase; distance:0; content:"&sshd_enable="; nocase; distance:0; reference:url,www.exploit-db.com/exploits/44937/; classtype:web-application-attack; sid:2025736; rev:1; metadata:attack_target Networking_Equipment, created_at 2018_06_25, deployment Perimeter, former_category EXPLOIT, signature_severity Major, updated_at 2020_11_19;)

Added 2020-11-19 18:26:23 UTC


alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET EXPLOIT AsusWRT? RT-AC750GF Cross-Site Request Forgery"; flow:from_server,established; file_data; content:"http://router.asus.com/findasus.cgi|22 20|method=|22|POST|22|>"; nocase; content:"name=|22|action_mode|22 20|value=|22|refresh_networkmap|22|"; nocase; distance:0; content:"start_apply.htm?productid="; nocase; distance:0; content:"&current_page=Advanced_System_Content.asp"; nocase; distance:0; content:"&next_page=Advanced_System_Content.asp"; nocase; distance:0; fast_pattern; content:"&action_mode=apply"; nocase; distance:0; content:"&http_username="; nocase; distance:0; content:"&http_passwd="; nocase; distance:0; content:"&sshd_enable="; nocase; distance:0; reference:url,www.exploit-db.com/exploits/44937/; classtype:web-application-attack; sid:2025736; rev:1; metadata:attack_target Networking_Equipment, created_at 2018_06_25, deployment Perimeter, former_category EXPLOIT, signature_severity Major, updated_at 2020_08_19;)

Added 2020-08-19 18:14:31 UTC


alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET EXPLOIT AsusWRT? RT-AC750GF Cross-Site Request Forgery"; flow:from_server,established; file_data; content:"http://router.asus.com/findasus.cgi|22 20|method=|22|POST|22|>"; nocase; content:"name=|22|action_mode|22 20|value=|22|refresh_networkmap|22|"; nocase; distance:0; content:"start_apply.htm?productid="; nocase; distance:0; content:"&current_page=Advanced_System_Content.asp"; nocase; distance:0; content:"&next_page=Advanced_System_Content.asp"; nocase; distance:0; fast_pattern; content:"&action_mode=apply"; nocase; distance:0; content:"&http_username="; nocase; distance:0; content:"&http_passwd="; nocase; distance:0; content:"&sshd_enable="; nocase; distance:0; reference:url,www.exploit-db.com/exploits/44937/; classtype:web-application-attack; sid:2025736; rev:1; metadata:attack_target Networking_Equipment, created_at 2018_06_25, deployment Perimeter, former_category EXPLOIT, signature_severity Major, updated_at 2018_07_18;)

Added 2020-08-05 19:14:50 UTC


alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET EXPLOIT AsusWRT? RT-AC750GF Cross-Site Request Forgery"; flow:from_server,established; file_data; content:"http://router.asus.com/findasus.cgi|22 20|method=|22|POST|22|>"; nocase; content:"name=|22|action_mode|22 20|value=|22|refresh_networkmap|22|"; nocase; distance:0; content:"start_apply.htm?productid="; nocase; distance:0; content:"&current_page=Advanced_System_Content.asp"; nocase; distance:0; content:"&next_page=Advanced_System_Content.asp"; nocase; distance:0; fast_pattern; content:"&action_mode=apply"; nocase; distance:0; content:"&http_username="; nocase; distance:0; content:"&http_passwd="; nocase; distance:0; content:"&sshd_enable="; nocase; distance:0; metadata: former_category EXPLOIT; reference:url,www.exploit-db.com/exploits/44937/; classtype:web-application-attack; sid:2025736; rev:1; metadata:attack_target Networking_Equipment, deployment Perimeter, signature_severity Major, created_at 2018_06_25, updated_at 2018_07_18;)

Added 2018-09-13 19:54:48 UTC


Added 2018-09-13 18:02:13 UTC


alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET EXPLOIT AsusWRT? RT-AC750GF Cross-Site Request Forgery"; flow:from_server,established; file_data; content:"http://router.asus.com/findasus.cgi|22 20|method=|22|POST|22|>"; nocase; content:"name=|22|action_mode|22 20|value=|22|refresh_networkmap|22|"; nocase; distance:0; content:"start_apply.htm?productid="; nocase; distance:0; content:"&current_page=Advanced_System_Content.asp"; nocase; distance:0; content:"&next_page=Advanced_System_Content.asp"; nocase; distance:0; fast_pattern; content:"&action_mode=apply"; nocase; distance:0; content:"&http_username="; nocase; distance:0; content:"&http_passwd="; nocase; distance:0; content:"&sshd_enable="; nocase; distance:0; metadata: former_category EXPLOIT; reference:url,www.exploit-db.com/exploits/44937/; classtype:web-application-attack; sid:2025736; rev:1; metadata:attack_target Networking_Equipment, deployment Perimeter, signature_severity Major, created_at 2018_06_25, updated_at 2018_07_18;)

Added 2018-07-18 17:37:07 UTC


Topic revision: r1 - 2020-12-04 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats