ET WEB_SPECIFIC_APPS MediaWiki thumb.php RCE

7.0.35.0SID: 2018168Rev: 5Enabled1 views
Sourceet/open
Fileemerging-web_specific_apps.rules
CreatedFebruary 22, 2014
UpdatedApril 7, 2024
Classificationattempted-admin
alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS MediaWiki thumb.php RCE"; flow:established,to_server; http.uri; content:"/thumb.php?"; nocase; pcre:"/[&?](?:w(?:idth)|p(?:age))=\d+\s*?[\x3b&]/i"; pcre:"/[&?]f=/i"; http.uri.raw; pcre:"/[&?](?:(?:p|%[57]0)(?:(?:a|%[46]1)(?:g|%[46]7)(?:e|%[46]5))?|(?:w|%[57]7)(?:(?:i|%[46]9)(?:d|%[64]4)(?:t|%[57]4)(?:h|%[64]8))?)(?:\s|%20)*?(?:%3d|=)(?:\s|%20)*?(?:\d|%3[0-9])+?(?:\x3b|%3[bB]|%26)/i"; reference:url,github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/mediawiki_thumb.rb; reference:cve,2014-1610; classtype:attempted-admin; sid:2018168; rev:5; metadata:created_at 2014_02_22, cve CVE_2014_1610, signature_severity Major, updated_at 2024_04_07;)

Metadata

created at2014_02_22
signature severityMajor
updated at2024_04_07

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!