SID: 2030121

Revision: 2

Class Type: web-application-attack

Metadata: affected_product Router, attack_target Client_Endpoint, created_at 2020_05_07, deployment Perimeter, signature_severity Major, updated_at 2020_05_07

Reference:

Protocol: tcp

Source Network: $HOME_NET

Source Port: any

Destination Network: $EXTERNAL_NET

Destination Port: $HTTP_PORTS

Flow: established,to_server

Contents:

  • Value: "GET"

  • Value: "/cgi-bin/system_mgr.cgi?cmd=cgi_sms_test&command1=" Depth: 50

Within:

PCRE:

Special Options:

  • http_method

  • http_uri

  • fast_pattern

source