alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET EXPLOIT HiSilicon? DVR - Buffer Overflow in Builtin Web Server"; flow:established,to_server; urilen:>200; http_start; content:"GET|20 01 10 8f e2 11 ff|"; depth:10; fast_pattern; content:"aaaaaaaa"; distance:0; metadata: former_category EXPLOIT; reference:url,github.com/tothi/pwn-hisilicon-dvr/blob/master/pwn_hisilicon_dvr.py; classtype:attempted-admin; sid:2027972; rev:2; metadata:affected_product DVR, attack_target IoT?, deployment Perimeter, signature_severity Major, created_at 2019_09_09, updated_at 2019_09_09;)

Added 2019-09-09 19:16:23 UTC


Topic revision: r1 - 2019-09-09 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats