ET WEB_SPECIFIC_APPS DigiEver DS-2105 Pro time_tzsetup.cgi ntp Parameter Command Injection Attempt (CVE-2023-52163)
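Here you can find all the details about the rule "ET WEB_SPECIFIC_APPS DigiEver DS-2105 Pro time_tzsetup.cgi ntp Parameter Command Injection Attempt (CVE-2023-52163)". The signature alerts on an established, to-server HTTP POST to /cgi-bin/cgi_main.cgi whose request body contains cgiName=time_tzsetup.cgi and an ntp= value that includes a shell metacharacter (semicolon, newline, backtick, pipe or dollar sign, raw or URL-encoded) before the next "&". The rule is scoped to destinations in $HOME_NET and is tagged tls_state plaintext, so the affected devices must be covered by $HOME_NET, and HTTPS traffic to them is presumably visible to the rule only where it is decrypted ahead of the sensor. Propose edits, view related rules, and engage with the community through comments.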
Rule Content
v 1.0
{
"uuid": "5497fd2e-9110-459b-ae34-3919db430d02",
"Object": [
{
"name": "suricata",
"meta-category": "network",
"template_uuid": "3c177337-fb80-405a-a6c1-1b2ddea8684a",
"description": "An object describing one or more Suricata rule(s) along with version and contextual information.",
"template_version": "2",
"uuid": "b6a1bcf1-63d7-4e9b-b7ae-c3d1965cd798",
"Attribute": [
{
"uuid": "1ac720bc-a597-410f-b6ea-90fd98a96ccb",
"object_relation": "suricata",
"value": "alert http any any -> $HOME_NET any (msg:\"ET WEB_SPECIFIC_APPS DigiEver DS-2105 Pro time_tzsetup.cgi ntp Parameter Command Injection Attempt (CVE-2023-52163)\"; flow:established,to_server; http.method; content:\"POST\"; http.uri; bsize:21; content:\"/cgi-bin/cgi_main.cgi\"; http.request_body; content:\"cgiName|3d|time_tzsetup.cgi\"; fast_pattern; content:\"ntp|3d|\"; pcre:\"/^[^\\x26]*?(?:(?:\\x3b|%3[Bb])|(?:\\x0a|%0[Aa])|(?:\\x60|%60)|(?:\\x7c|%7[Cc])|(?:\\x24|%24))+/R\"; reference:cve,2023-52163; reference:url,www.akamai.com/blog/security-research/digiever-fix-that-iot-thing; classtype:attempted-admin; sid:2062137; rev:1; metadata:affected_product DigiEver, attack_target IoT, tls_state plaintext, created_at 2025_05_06, cve CVE_2023_52163, deployment Perimeter, deployment Internal, performance_impact Low, confidence High, signature_severity Major, tag Exploit, updated_at 2025_05_06, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1190, mitre_technique_name Exploit_Public_Facing_Application; target:dest_ip;)",
"type": "snort",
"disable_correlation": false,
"to_ids": true,
"category": "Network activity"
},
{
"uuid": "f07ddede-af68-4e9e-a080-4c8d85baebd3",
"object_relation": "suricata-rule-name",
"value": "ET WEB_SPECIFIC_APPS DigiEver DS-2105 Pro time_tzsetup.cgi ntp Parameter Command Injection Attempt (CVE-2023-52163)",
"type": "text",
"disable_correlation": false,
"to_ids": false,
"category": "Other"
},
{
"uuid": "2d93cf5a-eba0-4cbe-99f5-829e00f89eb5",
"object_relation": "comment",
"value": "No description provided",
"type": "comment",
"disable_correlation": false,
"to_ids": false,
"category": "Other"
},
{
"uuid": "ce9eedfd-84c7-46f2-ae5f-71e191960f2e",
"object_relation": "version",
"value": "1",
"type": "text",
"disable_correlation": false,
"to_ids": false,
"category": "Other"
},
{
"uuid": "60285a9a-a9a0-4e79-9bc6-445bfe04b10c",
"object_relation": "reference",
"value": "emerging-all.rules.zip by admin admin",
"type": "link",
"disable_correlation": false,
"to_ids": false,
"category": "External analysis"
}
],
"distribution": "5",
"sharing_group_id": "0"
}
]
}