""ET EXPLOIT Xiongmai/HiSilicon DVR - Request for Product Details Possible CVE-2017-7577 Exploit Attempt""

SID: 2041450

Revision: 1

Class Type: web-application-attack

Metadata: attack_target IoT, created_at 2022_12_01, cve CVE_2017_7577, deployment Perimeter, performance_impact Low, signature_severity Minor, updated_at 2022_12_01

Reference:

• Link

Protocol: tcp

Source Network: $EXTERNAL_NET

Source Port: any

Destination Network: [$HTTP_SERVERS,$HOME_NET]

Destination Port: any

Flow: established,to_server

Contents:

• Value: "GET"

• Value: "mnt/custom/ProductDefinition"

Within:

PCRE: "/mnt\/custom\/ProductDefinition$/Ui"

Special Options:

• http_method

• http_uri

• nocase

• fast_pattern

source