alert http any any -> $HOME_NET any (msg:"ET EXPLOIT TP-Link TL-WR840N/TL-WR841N - Authentication Bypass (DMZ enable and Disable)"; flow:established,to_server; content:"/cgi?2"; http_uri; isdataat:!1,relative; content:"/mainFrame.htm"; http_header; content:"DMZ_HOST_CFG"; fast_pattern; http_client_body; metadata: former_category EXPLOIT; reference:url,exploit-db.com/exploits/44781/; classtype:attempted-user; sid:2025751; rev:2; metadata:affected_product TPLINK, attack_target IoT?, deployment Datacenter, signature_severity Major, created_at 2018_06_26, updated_at 2018_07_18;)

Added 2018-09-13 19:54:49 UTC


Added 2018-09-13 18:02:14 UTC


alert http any any -> $HOME_NET any (msg:"ET EXPLOIT TP-Link TL-WR840N/TL-WR841N - Authentication Bypass (DMZ enable and Disable)"; flow:established,to_server; content:"/cgi?2"; http_uri; isdataat:!1,relative; content:"/mainFrame.htm"; http_header; content:"DMZ_HOST_CFG"; fast_pattern; http_client_body; metadata: former_category EXPLOIT; reference:url,exploit-db.com/exploits/44781/; classtype:attempted-user; sid:2025751; rev:2; metadata:affected_product TPLINK, attack_target IoT?, deployment Datacenter, signature_severity Major, created_at 2018_06_26, updated_at 2018_07_18;)

Added 2018-07-18 17:37:08 UTC


Topic revision: r1 - 2018-09-13 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats