SERVER-WEBAPP -- Snort has detected traffic exploiting vulnerabilities in web based applications on servers.
SERVER-WEBAPP Zyxel NAS devices command injection attempt
The rule looks for metacharacters typically used to perform command injection in the vulnerable parameter.
This rule alerts on attempts to exploit a command injection vulnerability in Zyxel NAS devices. Mirai variant Mukashi is known to exploit this vulnerability to infect vulnerable Zyxel NAS devices.
No public information
No known false positives
Cisco Talos Intelligence Group
No rule groups
CVE-2020-9054 |
Loading description
|
Tactic: Execution
Technique: Execution through API
For reference, see the MITRE ATT&CK vulnerability types here: https://attack.mitre.org