This alert is triggered when detecting an adversary attempting to exploit a remote code execution vulnerability in the Tenda W302R wireless router. Tenda W302R is a type of wireless router. This vulnerability allows an attacker to gain root-level access and subsequently execute commands with elevated privileges on the affected device.
This alert is triggered when detecting an attempt to exploit a vulnerability in the WebTester application, specifically targeting the install2.php script. WebTester is an online testing and quiz system. The specific rule is designed to detect an adversary trying to exploit a command execution vulnerability in WebTester by injecting malicious commands into the installation process via malicious requests to the "install2.php" file.
This alert is triggered when detecting an adversary attempting to exploit CVE-2013-4983 and CVE-2013-4984 command injection vulnerabilities in the Sophos Web Protection Appliance. Sophos Web Protection Appliance is a security solution designed to filter and monitor web traffic to protect users from web-based threats.
This alert is triggered when an adversary is attempting to exploit the CVE-2013-1330 a vulnerability in Microsoft Office SharePoint by sending malicious serialized viewstate data for evaluation. This vulnerability allows an attacker to execute arbitrary code. SharePoint is a web-based collaboration platform that integrates with Microsoft Office.
This alert is triggered when an adversary is attempting to exploit CVE-2013-3576 a command injection vulnerability in the HP System Management tool. This vulnerability allows attackers to execute arbitrary commands with the privileges of the application. HP System Management tool is a suite of utilities provided by Hewlett-Packard for server and network management.