ET EXPLOIT Realtek SDK Miniigd UPnP SOAP Command Execution CVE-2014-8361
Sourceet/open
Fileemerging-exploit.rules
CreatedDecember 5, 2017
UpdatedApril 20, 2024
Classificationattempted-user
alert http any any -> $HOME_NET 52869 (msg:"ET EXPLOIT Realtek SDK Miniigd UPnP SOAP Command Execution CVE-2014-8361"; flow:established,to_server ; urilen:12; http.method; content:"POST"; http.uri; content:"/picdesc.xml"; http.header; header_lowercase; content:"soapaction|3a 20|urn|3a|schemas-upnp-org|3a|service|3a|WANIPConnection|3a|"; reference:url,blog.netlab.360.com/warning-satori-a-new-mirai-variant-is-spreading-in-worm-style-on-port-37215-and-52869-en/ ; reference:cve,CVE-2014-8361 ; reference:url,github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/realtek_miniigd_upnp_exec_noauth.rb ; reference:url,www.exploit-db.com/exploits/37169/ ; classtype:attempted-user; sid:2025132; rev:4; metadata:attack_target IoT, created_at 2017_12_05, confidence Medium, signature_severity Major, tag CISA_KEV, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_04_20;)
References
Metadata
attack targetIoT
created at2017_12_05
confidenceMedium
signature severityMajor
tagDescription_Generated_By_Proofpoint_Nexus
updated at2024_04_20
Comments (0)
Please sign in to leave a comment.
Sign inNo comments yet. Be the first to comment!