2025776 < Main < EmergingThreats

Main Web>2025776 (2020-11-19, TWikiGuest) (raw view)
 <h2>
 

alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET EXPLOIT Nagios XI Remote Code Execution 3"; flow:established,to_server; content:"/index.php?cmd=submitcommand&command="; http_uri;  content:"&command_data=$("; http_uri; fast_pattern; reference:url,2018-8733; reference:cve,2018-8734; reference:cve,2018-8735; reference:cve,2018-8736; reference:url,exploit-db.com/exploits/44969/; classtype:attempted-user; sid:2025776; rev:2; metadata:attack_target Server, created_at 2018_07_03, deployment Datacenter, former_category EXPLOIT, signature_severity Critical, updated_at 2020_11_19;)

</h2>

Added 2020-11-19 18:26:23 UTC


 %COMMENT{type="threadmode" default="Please enter documentation, comments, false positives, or concerns with this signature. Press the Attach button below to add samples or Pcaps." button="Add to Documentation" }%
 
 <hr>
 


 <h2>
 

alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET EXPLOIT Nagios XI Remote Code Execution 3"; flow:established,to_server; content:"/index.php?cmd=submitcommand&command="; http_uri;  content:"&command_data=$("; http_uri; fast_pattern; reference:url,2018-8733; reference:cve,2018-8734; reference:cve,2018-8735; reference:cve,2018-8736; reference:url,exploit-db.com/exploits/44969/; classtype:attempted-user; sid:2025776; rev:2; metadata:attack_target Server, created_at 2018_07_03, deployment Datacenter, former_category EXPLOIT, signature_severity Critical, updated_at 2020_08_19;)

</h2>

Added 2020-08-19 18:14:31 UTC


 
 <hr>
 


 <h2>
 

alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET EXPLOIT Nagios XI Remote Code Execution 3"; flow:established,to_server; content:"/index.php?cmd=submitcommand&command="; http_uri;  content:"&command_data=$("; http_uri; fast_pattern; reference:url,2018-8733; reference:cve,2018-8734; reference:cve,2018-8735; reference:cve,2018-8736; reference:url,exploit-db.com/exploits/44969/; classtype:attempted-user; sid:2025776; rev:2; metadata:attack_target Server, created_at 2018_07_03, deployment Datacenter, former_category EXPLOIT, signature_severity Critical, updated_at 2018_07_18;)

</h2>

Added 2020-08-05 19:14:53 UTC


 
 <hr>
 


 <h2>
 

alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET EXPLOIT Nagios XI Remote Code Execution 3"; flow:established,to_server; content:"/index.php?cmd=submitcommand&command="; http_uri;  content:"&command_data=$("; http_uri; fast_pattern; metadata: former_category EXPLOIT; reference:url,2018-8733; reference:cve,2018-8734; reference:cve,2018-8735; reference:cve,2018-8736; reference:url,exploit-db.com/exploits/44969/; classtype:attempted-user; sid:2025776; rev:2; metadata:attack_target Server, deployment Datacenter, signature_severity Critical, created_at 2018_07_03, updated_at 2018_07_18;)

</h2>

Added 2018-09-13 19:54:51 UTC


 
 <hr>
 


 <h2>
 


</h2>

Added 2018-09-13 18:02:15 UTC


 
 <hr>
 


 <h2>
 

alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET EXPLOIT Nagios XI Remote Code Execution 3"; flow:established,to_server; content:"/index.php?cmd=submitcommand&command="; http_uri;  content:"&command_data=$("; http_uri; fast_pattern; metadata: former_category EXPLOIT; reference:url,2018-8733; reference:cve,2018-8734; reference:cve,2018-8735; reference:cve,2018-8736; reference:url,exploit-db.com/exploits/44969/; classtype:attempted-user; sid:2025776; rev:2; metadata:attack_target Server, deployment Datacenter, signature_severity Critical, created_at 2018_07_03, updated_at 2018_07_18;)

</h2>

Added 2018-07-18 17:37:09 UTC


 
 <hr>
Topic revision: r1 - 2020-11-19 - TWikiGuest
Main
User Reference
ATasteOfTWiki
TextFormattingRules
Signature Reference
WebRss Feed
EmergingFAQ