alert http any any -> $HOME_NET any (msg:"ET EXPLOIT TP-Link TL-WR840N/TL-WR841N - Authentication Bypass (DMZ enable and Disable)"; flow:established,to_server; content:"/cgi?2"; http_uri; isdataat:!1,relative; content:"/mainFrame.htm"; http_header; content:"DMZ_HOST_CFG"; fast_pattern; http_client_body; reference:url,exploit-db.com/exploits/44781/; classtype:attempted-user; sid:2025751; rev:2; metadata:affected_product TPLINK, attack_target IoT?, created_at 2018_06_26, deployment Datacenter, former_category EXPLOIT, signature_severity Major, updated_at 2020_09_16;)

Added 2020-09-16 18:29:36 UTC


alert http any any -> $HOME_NET any (msg:"ET EXPLOIT TP-Link TL-WR840N/TL-WR841N - Authentication Bypass (DMZ enable and Disable)"; flow:established,to_server; content:"/cgi?2"; http_uri; isdataat:!1,relative; content:"/mainFrame.htm"; http_header; content:"DMZ_HOST_CFG"; fast_pattern; http_client_body; reference:url,exploit-db.com/exploits/44781/; classtype:attempted-user; sid:2025751; rev:2; metadata:affected_product TPLINK, attack_target IoT?, created_at 2018_06_26, deployment Datacenter, former_category EXPLOIT, signature_severity Major, updated_at 2019_09_28;)

Added 2020-08-05 19:14:51 UTC


alert http any any -> $HOME_NET any (msg:"ET EXPLOIT TP-Link TL-WR840N/TL-WR841N - Authentication Bypass (DMZ enable and Disable)"; flow:established,to_server; content:"/cgi?2"; http_uri; isdataat:!1,relative; content:"/mainFrame.htm"; http_header; content:"DMZ_HOST_CFG"; fast_pattern; http_client_body; metadata: former_category EXPLOIT; reference:url,exploit-db.com/exploits/44781/; classtype:attempted-user; sid:2025751; rev:2; metadata:affected_product TPLINK, attack_target IoT?, deployment Datacenter, signature_severity Major, created_at 2018_06_26, updated_at 2019_09_28;)

Added 2019-10-01 08:29:02 UTC


alert http any any -> $HOME_NET any (msg:"ET EXPLOIT TP-Link TL-WR840N/TL-WR841N - Authentication Bypass (DMZ enable and Disable)"; flow:established,to_server; content:"/cgi?2"; http_uri; isdataat:!1,relative; content:"/mainFrame.htm"; http_header; content:"DMZ_HOST_CFG"; fast_pattern; http_client_body; metadata: former_category EXPLOIT; reference:url,exploit-db.com/exploits/44781/; classtype:attempted-user; sid:2025751; rev:2; metadata:affected_product TPLINK, attack_target IoT?, deployment Datacenter, signature_severity Major, created_at 2018_06_26, updated_at 2019_09_28;)

Added 2019-10-01 04:23:26 UTC


alert http any any -> $HOME_NET any (msg:"ET EXPLOIT TP-Link TL-WR840N/TL-WR841N - Authentication Bypass (DMZ enable and Disable)"; flow:established,to_server; content:"/cgi?2"; http_uri; isdataat:!1,relative; content:"/mainFrame.htm"; http_header; content:"DMZ_HOST_CFG"; fast_pattern; http_client_body; metadata: former_category EXPLOIT; reference:url,exploit-db.com/exploits/44781/; classtype:attempted-user; sid:2025751; rev:2; metadata:affected_product TPLINK, attack_target IoT?, deployment Datacenter, signature_severity Major, created_at 2018_06_26, updated_at 2018_07_18;)

Added 2018-09-13 19:54:49 UTC


Added 2018-09-13 18:02:14 UTC


alert http any any -> $HOME_NET any (msg:"ET EXPLOIT TP-Link TL-WR840N/TL-WR841N - Authentication Bypass (DMZ enable and Disable)"; flow:established,to_server; content:"/cgi?2"; http_uri; isdataat:!1,relative; content:"/mainFrame.htm"; http_header; content:"DMZ_HOST_CFG"; fast_pattern; http_client_body; metadata: former_category EXPLOIT; reference:url,exploit-db.com/exploits/44781/; classtype:attempted-user; sid:2025751; rev:2; metadata:affected_product TPLINK, attack_target IoT?, deployment Datacenter, signature_severity Major, created_at 2018_06_26, updated_at 2018_07_18;)

Added 2018-07-18 17:37:08 UTC


Topic revision: r1 - 2020-09-16 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats