alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET EXPLOIT Apache Struts memberAccess and getWriter inbound OGNL injection remote code execution attempt"; flow:to_server,established; content:"|23|_memberAccess"; fast_pattern; http_uri; content:".getWriter"; nocase; http_uri; metadata: former_category EXPLOIT; reference:cve,2018-11776; classtype:attempted-admin; sid:2026094; rev:2; metadata:affected_product Apache_Struts2, attack_target Server, deployment Datacenter, signature_severity Audit, created_at 2018_09_05, updated_at 2018_09_05;)

Added 2018-09-13 19:55:09 UTC


Added 2018-09-13 18:02:27 UTC


alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET EXPLOIT Apache Struts memberAccess and getWriter inbound OGNL injection remote code execution attempt"; flow:to_server,established; content:"|23|_memberAccess"; fast_pattern; http_uri; content:".getWriter"; nocase; http_uri; metadata: former_category EXPLOIT; reference:cve,2018-11776; classtype:attempted-admin; sid:2026094; rev:2; metadata:affected_product Apache_Struts2, attack_target Server, deployment Datacenter, signature_severity Audit, created_at 2018_09_05, updated_at 2018_09_05;)

Added 2018-09-05 17:57:02 UTC


Topic revision: r1 - 2018-09-13 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats