Potential Centos Web Panel Exploitation Attempt - CVE-2022-44877

Rule Info

Name
Potential Centos Web Panel Exploitation Attempt - CVE-2022-44877
Description
Detects potential exploitation attempts that target the Centos Web Panel 7 Unauthenticated Remote Code Execution CVE-2022-44877
Reference
https://seclists.org/fulldisclosure/2023/Jan/1
Modified
None
Date
2023-01-20 00:00:00
Author
Nasreddine Bencherchali (Nextron Systems)
Tags
attack.initial_access cve.2022.44877 attack.t1190 DEMO
Id
1b2eeb27-949b-4704-8bfa-d8e5cfa045a1
Type
Community Rule
Link to Public Repo
https://github.com/SigmaHQ/sigma/search?q=1b2eeb27-949b-4704-8bfa-d8e5cfa045a1

Rule History

Author
Commit
Title
Date
Nasreddine Bencherchali
7c38a5c49
chore: add nextron authors tag
2023-02-01
frack113
8b321ba0b
Order root rules folder
2023-01-31
frack113
9320bf246
Order root rules folder
2023-01-29
Nasreddine Bencherchali
9fe829af5
feat: new rules related to CVE-2022-44877
2023-01-20
THOR Logo  Scan your endpoints, forensic images or collected files with our portable scanner THOR
  Warning: Access to VALHALLA is rate-limited - once you prove unworthy, access gets denied
  Nextron Systems 2022