POLICY-OTHER Auerswald COMpact privilege escalation attempt
This rule looks for an HTTP request to a certain endpoint with the 'passwd' variable set to 1.
This rule alerts on an attempt to obtain the plaintext credentials of a user on an Auerswald COMpact device.
Public information/Proof of Concept available
No known false positives
Cisco Talos Intelligence Group
MITRE::ATT&CK Framework::Enterprise::Privilege Escalation::Exploitation for Privilege Escalation
No information provided