""ET EXPLOIT DD-WRT UPNP Unauthenticated Buffer Overflow (CVE-2021-27137)""
SID: 2032326
Revision: 2
Class Type: attempted-admin
Metadata: attack_target Networking_Equipment, created_at 2021_03_25, cve CVE_2021_27137, deployment Perimeter, deployment Internal, performance_impact Low, confidence High, signature_severity Major, updated_at 2021_03_25
Reference:
-
cve
-
2021-27137
Protocol: udp
Source Network: any
Source Port: any
Destination Network: $HOME_NET
Destination Port: 1900
Flow:
Contents:
-
Value: "M-SEARCH|20|" Depth: 9
-
Value: "|0d 0a|ST|3a|"
-
Value: "uuid|3a|"
Within: 6
PCRE: "/^[^\r\n]{128,}\r\n/R"
Special Options:
-
nocase
-
fast_pattern