Rule Category

SERVER-WEBAPP -- Snort has detected traffic exploiting vulnerabilities in web based applications on servers.

Alert Message

SERVER-WEBAPP LB-Link Multiple BL Routers command injection attempt

Rule Explanation

This rule looks for command injection metacharacters sent to the LB-Link BL Routers in the request parameters.

What To Look For

This rule triggers on command injection metacharacters sent to the LB-Link BL Routers in the request parameters.

Known Usage

Public information/Proof of Concept available

False Positives

No known false positives

Contributors

Cisco Talos Intelligence Group

Rule Groups

MITRE::ATT&CK Framework::Enterprise::Initial Access::Exploit Public-Facing Application

CVE

None

Rule Vulnerability

No information provided

CVE Additional Information

This product uses data from the NVD API but is not endorsed or certified by the NVD.

None