SID 1:51561

Report a false positive

Rule Category

SERVER-WEBAPP -- Snort has detected traffic exploiting vulnerabilities in web based applications on servers.

Alert Message

SERVER-WEBAPP HooToo HT-TMO5 Travel router command injection attempt

Rule Explanation

This event is generated when an attack attempt against internal HooToo web services is detected Impact: Web Application Attack Details: A command injection is possible in the &mac parameter of the URI and can execute code on the filesystem. Ease of Attack: Simple, an ExploitDB proof of concept exists.

What To Look For

No information provided

Known Usage

No public information

False Positives

No known false positives

Contributors

Cisco Talos Intelligence Group

Rule Groups

No rule groups

CVE

CVE-2018-20841

Rule Vulnerability

CVE Additional Information

This product uses data from the NVD API but is not endorsed or certified by the NVD.
CVE-2018-20841
 Loading description