""ET EXPLOIT Netgear Seventh Inferno CVE-2021-41314 (new line injection)""
SID: 2033969
Revision: 2
Class Type: attempted-dos
Metadata: attack_target Networking_Equipment, created_at 2021_09_16, cve CVE_2021_41314, deployment Perimeter, signature_severity Major, updated_at 2021_09_16
Reference:
-
cve
-
2021-41314
Protocol: tcp
Source Network: any
Source Port: any
Destination Network: [$HOME_NET,$HTTP_SERVERS]
Destination Port: $HTTP_PORTS
Flow:
Contents:
-
Value: "POST"
-
Value: "/cgi/set.cgi?cmd=home_loginAuth"
-
Value: "_ds="
-
Value: "pwd="
Within:
PCRE: "/pwd=[^&\x0d\r]+[\n\x0a]/P"
Special Options:
-
http_method
-
http_uri
-
fast_pattern
-
http_client_body
-
http_client_body