ET WEB_SPECIFIC_APPS Wordpress Host Header Injection (CVE-2016-10033) M2

7.0.35.0SID: 2024278Rev: 5Enabled2 views
Sourceet/open
Fileemerging-web_specific_apps.rules
CreatedMay 5, 2017
UpdatedMarch 25, 2024
Classificationweb-application-attack
alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Wordpress Host Header Injection (CVE-2016-10033) M2"; flow:established,to_server; http.uri; content:"action=lostpassword"; nocase; fast_pattern; http.host; pcre:"/^[^\r\n]+?[\x28\x29\x27\x22\x7b\x7d]/"; reference:url,exploitbox.io/vuln/WordPress-Exploit-4-6-RCE-CODE-EXEC-CVE-2016-10033.html; classtype:web-application-attack; sid:2024278; rev:5; metadata:affected_product Wordpress, attack_target Web_Server, created_at 2017_05_05, cve CVE_2016_10033, deployment Perimeter, signature_severity Major, updated_at 2024_03_25;)

Metadata

affected productWordpress
attack targetWeb_Server
created at2017_05_05
deploymentPerimeter
signature severityMajor
updated at2024_03_25

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!