date=2022-06-03
time=14:23:25
srcip=59.93.18.147
attack="Dasan.GPON.Remote.Code.Execution"
srcpo ...
show moredate=2022-06-03
time=14:23:25
srcip=59.93.18.147
attack="Dasan.GPON.Remote.Code.Execution"
srcport=51645
dstport=80
show less
date=2022-06-05
time=23:09:18
srcip=85.159.208.15
attack="Apache.Log4j.Error.Log.Remote.Code.Exec ...
show moredate=2022-06-05
time=23:09:18
srcip=85.159.208.15
attack="Apache.Log4j.Error.Log.Remote.Code.Execution"
srcport=47910
dstport=80
show less
date=2022-05-22
time=23:42:09
srcip=213.52.129.94
attack="PHP.Charts.PHP.Code.Execution"
srcp ...
show moredate=2022-05-22
time=23:42:09
srcip=213.52.129.94
attack="PHP.Charts.PHP.Code.Execution"
srcport=35121
dstport=80
show less
date=2022-05-10
time=04:34:16
srcip=37.120.193.247
attack="Honeywell.IPCam.Information.Disclosure ...
show moredate=2022-05-10
time=04:34:16
srcip=37.120.193.247
attack="Honeywell.IPCam.Information.Disclosure"
srcport=43691
dstport=80
show less
date=2022-05-02
time=19:23:06
srcip=34.68.168.198
attack="Linksys.DirecTV.WVB.HTTP.Header.Remote. ...
show moredate=2022-05-02
time=19:23:06
srcip=34.68.168.198
attack="Linksys.DirecTV.WVB.HTTP.Header.Remote.Command.Execution"
srcport=52654
dstport=80
show less
date=2022-04-30
time=14:38:39
srcip=34.71.69.30
attack="Linksys.DirecTV.WVB.HTTP.Header.Remote.Co ...
show moredate=2022-04-30
time=14:38:39
srcip=34.71.69.30
attack="Linksys.DirecTV.WVB.HTTP.Header.Remote.Command.Execution"
srcport=40402
dstport=80
show less
date=2022-04-26
time=21:35:32
srcip=59.178.91.103
attack="D-Link.Devices.HNAP.SOAPAction-Header.C ...
show moredate=2022-04-26
time=21:35:32
srcip=59.178.91.103
attack="D-Link.Devices.HNAP.SOAPAction-Header.Command.Execution"
srcport=33876
dstport=80
show less
Cisco.HyperFlex.HX.storfs-asup.Handling.Command.Injection
description-logoDescription
This indicat ...
show moreCisco.HyperFlex.HX.storfs-asup.Handling.Command.Injection
description-logoDescription
This indicates an attack attempt to exploit a Command Injection Vulnerability in Cisco Systems HyperFlex Software.
The vulnerability is due to improper input sanitization. A remote, unauthenticated attacker can exploit this vulnerability by sending a crafted request to the web-based management interface of the target server. Successful exploitation could lead to execution of arbitrary code in the context of the target process.
affected-products-logoAffected Products
Cisco Systems HyperFlex Software prior to 4.0(2e)
Cisco Systems HyperFlex Software prior to 4.5(2a)
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
recomended-action-logoRecommended Actions
Apply the most recent upgrade or patch from the vendor.
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-hyperflex-rce-TjjNrkpR
show less
date=2022-04-04
time=23:55:59
srcip=185.130.92.100
srccountry="United Kingdom"
attack="Apache.Ex ...
show moredate=2022-04-04
time=23:55:59
srcip=185.130.92.100
srccountry="United Kingdom"
attack="Apache.Expect.Header.XSS"
srcport=47104
dstport=443
date=2022-04-05
time=01:29:02
srcip=185.130.92.100
srccountry="United Kingdom"
attack="Apache.Expect.Header.XSS"
srcport=35182
dstport=443
Apache.Expect.Header.XSS
Description
This indicates an attempt to exploit a cross site scripting (XSS) vulnerability in Apache HTTP Server.
The vulnerability is caused by an error that occurs when the vulnerable software handles a malicious "Expect" header. It can be exploited to launch cross site scripting attacks using web client components that can send arbitrary headers in requests.
Affected Products
Apache versions prior to 1.3.35
Apache versions prior to 2.0.58
Apache versions prior to 2.2.2
Impact
System compromise: cross site scripting.
Recommended Actions
Apply the latest update from the vendor
http://httpd.apache.org/
show less
date="2022-03-15"
time="18:47:06"
srccountry="United States of America"
dstip="13.248.148.254"
s ...
show moredate="2022-03-15"
time="18:47:06"
srccountry="United States of America"
dstip="13.248.148.254"
srcport="51141"
dstport="80"
direction="incoming"
url="http://ofice.com/"
show less