""ET WEB_SPECIFIC_APPS MediaWiki thumb.php RCE""

SID: 2018168

Revision: 2

Class Type: attempted-admin

Metadata: created_at 2014_02_22, cve CVE_2014_1610, updated_at 2014_02_22

Reference:

• cve

• 2014-1610

Protocol: tcp

Source Network: $EXTERNAL_NET

Source Port: any

Destination Network: $HTTP_SERVERS

Destination Port: $HTTP_PORTS

Flow: to_server,established

Contents:

• Value: "/thumb.php?"

Within:

PCRE: "/&?(?:\s|%20)?(?:%3d|=)(?:\s|%20)?(?:\d|%3[0-9])+?(?:\x3b|%3[bB]|%26)/Ii"

Special Options:

• http_uri

• nocase

source