""ET EXPLOIT Realtek eCos RSDK/MSDK Stack-based Buffer Overflow Attempt Inbound (CVE-2022-27255)""
SID: 2038669
Revision: 1
Class Type: attempted-admin
Metadata: created_at 2022_08_30, cve CVE_2022_27255, confidence High, updated_at 2022_08_30
Reference:
-
cve
-
2022-27255
Protocol: udp
Source Network: any
Source Port: any
Destination Network: [$HOME_NET,$HTTP_SERVERS]
Destination Port: any
Flow:
Contents:
-
Value: "|20|SIP|2f|"
-
Value: "m=audio|20|"
Within:
PCRE: "/^\d+\s*[^\r\n]{50,}/R"
Special Options:
- fast_pattern