This alert is triggered when detecting an attempt to exploit CVE-2013-5486 a directory traversal vulnerability in Cisco Prime Data Center Network Manager (DCNM) The Cisco Prime DCNM is a management solution for data centers. This rule is particularly looking for requests aimed to manipulate the 'chartid' parameter to gain unauthorized access to files and directories outside the intended path.
This alert is triggered when detecting an adversary attempting to exploit a remote code execution vulnerability in the Tenda W302R wireless router. Tenda W302R is a type of wireless router. This vulnerability allows an attacker to gain access and subsequently execute commands with elevated privileges on the affected device.
This alert is triggered when an adversary is attempting to exploit CVE-2013-4822 a file upload vulnerability in the HP Intelligent Management Center (IMC) BIMS UploadServlet. HP Intelligent Management Center (IMC) is an integrated management platform for IT networks. The rule checks for a specific pattern indicating malicious file upload activity. Legitimate uploads to HP IMC shouldn't be attempting to traverse directories or upload JSP files in this manner.
This alert is triggered when detecting an adversary attempt to exploit CVE-2013-4837 a directory traversal vulnerability in the HP LoadRunner, which could allow them to read arbitrary files on the server. HP LoadRunner is a software testing tool from HP. It is used to test applications and to measure system behavior, and performance under load. The rule checks for a specific pattern indicating an attempt at directory traversal, where an attacker tries to access and read files and directories that are stored outside the web root folder.
This alert is triggered when detecting an adversary attempting to exploit CVE-2013-4983 and CVE-2013-4984 command injection vulnerabilities in the Sophos Web Protection Appliance. Sophos Web Protection Appliance is a security solution designed to filter and monitor web traffic to protect users from web-based threats.
This alert is triggered when detecting an attempt to exploit a vulnerability in the WebTester application, specifically targeting the install2.php script. WebTester is an online testing and quiz system. The specific rule is designed to detect an adversary trying to exploit a command execution vulnerability in WebTester by injecting malicious commands into the installation process via malicious requests to the "install2.php" file.
This alert is triggered when detecting an adversary attempting to exploit a remote code execution vulnerability in the Tenda W302R wireless router. Tenda W302R is a type of wireless router. This vulnerability allows an attacker to gain root-level access and subsequently execute commands with elevated privileges on the affected device.
This alert is triggered when an adversary is attempting to exploit CVE-2013-3576 a command injection vulnerability in the HP System Management tool. This vulnerability allows attackers to execute arbitrary commands with the privileges of the application. HP System Management tool is a suite of utilities provided by Hewlett-Packard for server and network management.
This alert is triggered when an adversary is attempting to exploit CVE-2013-3576 a command injection vulnerability in the HP System Management tool. This vulnerability allows attackers to execute arbitrary commands with the privileges of the application. HP System Management tool is a suite of utilities provided by Hewlett-Packard for server and network management.
This alert is triggered when an adversary is attempting to exploit the CVE-2013-1330 a vulnerability in Microsoft Office SharePoint by sending malicious serialized viewstate data for evaluation. This vulnerability allows an attacker to execute arbitrary code. SharePoint is a web-based collaboration platform that integrates with Microsoft Office.