ATTACK [PTsecurity] Cisco Prime Infrastructure < 3.4.1 & 3.3.1 TFTP RCE (CVE-2018-15379)
Sourceptrules/open
Fileptopen-attacks.rules
CreatedJuly 24, 2025
UpdatedJuly 24, 2025
Classificationattempted-admin
alert udp any any -> any any (msg:"ATTACK [PTsecurity] Cisco Prime Infrastructure < 3.4.1 & 3.3.1 TFTP RCE (CVE-2018-15379)"; flow:established, from_server ; content:"|00 03 00|"; depth:3; content:"/CSCOlumos/"; content:"runrshell"; distance:0; flowbits:isset, CVE.2018-15379.JSP1 ; reference:cve, 2018-15379 ; reference:url, seclists.org/fulldisclosure/2018/Oct/19 ; reference:url, rules.ptsecurity.com ; classtype:attempted-admin; sid:10003908; rev:1;)
References
Comments (0)
Please sign in to leave a comment.
Sign inNo comments yet. Be the first to comment!