SERVER-WEBAPP -- Snort has detected traffic exploiting vulnerabilities in web based applications on servers.
SERVER-WEBAPP Multiple products DVR admin password leak attempt
This event is generated when an attacker attempts to leak the admin password from various DVR web-apps. Impact: Attempted User Privilege Gain Details: Rule checks for attempts to leak the admin password from various DVR web-apps. Ease of Attack:
This rule fires on attempts to leak passwords for TBK DVR4104 DVR4216 devices.
No public information
No known false positives
Cisco Talos Intelligence Group
No rule groups
Information Leak
Information Leakage happens when an attacker manipulates a system into revealing sensitive information, either through malformed input or by taking advantage of another feature of the system.
CVE-2018-9995 |
Loading description
|
Tactic: Credential Access
Technique: Credential Dumping
For reference, see the MITRE ATT&CK vulnerability types here: https://attack.mitre.org