ET SCAN struts-pwn User-Agent
Sourceet/open
Fileemerging-scan.rules
CreatedOctober 16, 2017
UpdatedApril 12, 2024
Classificationattempted-user
alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET SCAN struts-pwn User-Agent"; flow:established,to_server ; http.user_agent; content:"struts-pwn"; startswith; fast_pattern; reference:url,github.com/mazen160/struts-pwn_CVE-2017-9805/blob/master/struts-pwn.py ; reference:cve,2017-9805 ; reference:url,paladion.net/paladion-cyber-labs-discovers-a-new-ransomware/ ; classtype:attempted-user; sid:2024843; rev:4; metadata:affected_product Apache_Struts2, attack_target Web_Server, created_at 2017_10_16, cve CVE_2017_9805, deployment Datacenter, performance_impact Moderate, confidence High, signature_severity Minor, tag CISA_KEV, updated_at 2024_04_12;)
References
Metadata
affected productApache_Struts2
attack targetWeb_Server
created at2017_10_16
deploymentDatacenter
performance impactModerate
confidenceHigh
signature severityMinor
tagCISA_KEV
updated at2024_04_12
Comments (0)
Please sign in to leave a comment.
Sign inNo comments yet. Be the first to comment!