SID 1:52328

Report a false positive

Rule Category

SERVER-WEBAPP -- Snort has detected traffic exploiting vulnerabilities in web based applications on servers.

Alert Message

SERVER-WEBAPP Asus RT-N10 Repeater Mode command injection attempt

Rule Explanation

This event is generated when a CSRF attempt to gain code execution on a Asus RT-N10 router is observed. Impact: Potential Code Execution Details: Asus RT-N10 routers are vulnerable to a CSRF command injection vulnerability when placed into repeater mode. A malicious access point can be spawned and inject the `SystemCmd=` parameter on `/apply.cgi` if an already authenticated user visits the malicious AP. Ease of Attack: Simple

What To Look For

No information provided

Known Usage

No public information

False Positives

No known false positives

Contributors

Cisco Talos Intelligence Group

Rule Groups

No rule groups

CVE

None

Additional Links

dl.packetstormsecurity.net/1910-exploits/asusrtn10-xssxsrfexec.txt

Rule Vulnerability

No information provided

CVE Additional Information

This product uses data from the NVD API but is not endorsed or certified by the NVD.

None