SERVER-WEBAPP -- Snort has detected traffic exploiting vulnerabilities in web based applications on servers.
SERVER-WEBAPP Multiple products DVR arbitrary command execution attempt
This event is generated when a user attempts to run some "cmd" via various DVR web-apps. Impact: Attempted User Privilege Gain Details: Rule checks for attempts to run some "cmd" via various DVR web-apps. Ease of Attack:
This rule fires on attempts to execute arbitrary commands on TBK DVR4104 DVR4216 devices.
No public information
No known false positives
Cisco Talos Intelligence Group
No rule groups
N/A
Not Applicable
CVE-2018-9995 |
Loading description
|
Tactic: Execution
Technique: Execution through API
For reference, see the MITRE ATT&CK vulnerability types here: https://attack.mitre.org