Talos has added and modified multiple rules in the browser-chrome, malware-cnc, malware-other and server-webapp rule sets to provide coverage for emerging threats from these technologies.
For information about Snort Subscriber Rulesets available for purchase, please visit the Snort product page.
This is the complete list of rules modified and added in the Cisco Talos Certified rule pack for Snort version 2092000.
The format of the file is:
gid:sid <-> Default rule state <-> Message (rule group)
* 1:66200 <-> ENABLED <-> MALWARE-CNC Unix.Trojan.AdaptixC2 variant communication (malware-cnc.rules)
* 1:66201 <-> ENABLED <-> MALWARE-OTHER Unix.Webshell.Tas9er variant communication (malware-other.rules)
* 1:66202 <-> ENABLED <-> MALWARE-OTHER Unix.Webshell.Tas9er variant communication (malware-other.rules)
* 1:66203 <-> DISABLED <-> POLICY-OTHER Langflow Public Flow potential arbitrary command execution attempt (policy-other.rules)
* 1:66204 <-> DISABLED <-> SERVER-WEBAPP Citrix NetScaler RelayState cross site scripting attempt (server-webapp.rules)
* 1:66205 <-> ENABLED <-> SERVER-WEBAPP Fortinet FortiClientEMS 7.4.4 SQL injection attempt (server-webapp.rules)
* 1:66206 <-> ENABLED <-> SERVER-WEBAPP Fortinet FortiClientEMS 7.4.4 SQL injection attempt (server-webapp.rules)
* 3:66207 <-> ENABLED <-> SERVER-WEBAPP Cisco Integrated Management Controller authentication bypass attempt (server-webapp.rules)
* 3:66208 <-> ENABLED <-> POLICY-OTHER Cisco Smart Software Manager job submission detected (policy-other.rules)
* 3:66209 <-> ENABLED <-> POLICY-OTHER Cisco Smart Software Manager job submission detected (policy-other.rules)
* 1:60945 <-> DISABLED <-> BROWSER-CHROME Chrome JavaScript Array.map Out-of-Bounds Write attempt (browser-chrome.rules)
* 1:60944 <-> DISABLED <-> BROWSER-CHROME Chrome JavaScript Array.map Out-of-Bounds Write attempt (browser-chrome.rules)
This is the complete list of rules modified and added in the Cisco Talos Certified rule pack for Snort version 2091801.
The format of the file is:
gid:sid <-> Default rule state <-> Message (rule group)
* 1:66202 <-> ENABLED <-> MALWARE-OTHER Unix.Webshell.Tas9er variant communication (malware-other.rules)
* 1:66201 <-> ENABLED <-> MALWARE-OTHER Unix.Webshell.Tas9er variant communication (malware-other.rules)
* 1:66205 <-> ENABLED <-> SERVER-WEBAPP Fortinet FortiClientEMS 7.4.4 SQL injection attempt (server-webapp.rules)
* 1:66206 <-> ENABLED <-> SERVER-WEBAPP Fortinet FortiClientEMS 7.4.4 SQL injection attempt (server-webapp.rules)
* 1:66204 <-> DISABLED <-> SERVER-WEBAPP Citrix NetScaler RelayState cross site scripting attempt (server-webapp.rules)
* 1:66203 <-> DISABLED <-> POLICY-OTHER Langflow Public Flow potential arbitrary command execution attempt (policy-other.rules)
* 1:66200 <-> ENABLED <-> MALWARE-CNC Unix.Trojan.AdaptixC2 variant communication (malware-cnc.rules)
* 3:66207 <-> ENABLED <-> SERVER-WEBAPP Cisco Integrated Management Controller authentication bypass attempt (server-webapp.rules)
* 3:66208 <-> ENABLED <-> POLICY-OTHER Cisco Smart Software Manager job submission detected (policy-other.rules)
* 3:66209 <-> ENABLED <-> POLICY-OTHER Cisco Smart Software Manager job submission detected (policy-other.rules)
* 1:60945 <-> DISABLED <-> BROWSER-CHROME Chrome JavaScript Array.map Out-of-Bounds Write attempt (browser-chrome.rules)
* 1:60944 <-> DISABLED <-> BROWSER-CHROME Chrome JavaScript Array.map Out-of-Bounds Write attempt (browser-chrome.rules)
This is the complete list of rules modified and added in the Cisco Talos Certified rule pack for Snort version 2091701.
The format of the file is:
gid:sid <-> Default rule state <-> Message (rule group)
* 1:66203 <-> DISABLED <-> POLICY-OTHER Langflow Public Flow potential arbitrary command execution attempt (policy-other.rules)
* 1:66204 <-> DISABLED <-> SERVER-WEBAPP Citrix NetScaler RelayState cross site scripting attempt (server-webapp.rules)
* 1:66200 <-> ENABLED <-> MALWARE-CNC Unix.Trojan.AdaptixC2 variant communication (malware-cnc.rules)
* 1:66201 <-> ENABLED <-> MALWARE-OTHER Unix.Webshell.Tas9er variant communication (malware-other.rules)
* 1:66205 <-> ENABLED <-> SERVER-WEBAPP Fortinet FortiClientEMS 7.4.4 SQL injection attempt (server-webapp.rules)
* 1:66202 <-> ENABLED <-> MALWARE-OTHER Unix.Webshell.Tas9er variant communication (malware-other.rules)
* 1:66206 <-> ENABLED <-> SERVER-WEBAPP Fortinet FortiClientEMS 7.4.4 SQL injection attempt (server-webapp.rules)
* 3:66207 <-> ENABLED <-> SERVER-WEBAPP Cisco Integrated Management Controller authentication bypass attempt (server-webapp.rules)
* 3:66208 <-> ENABLED <-> POLICY-OTHER Cisco Smart Software Manager job submission detected (policy-other.rules)
* 3:66209 <-> ENABLED <-> POLICY-OTHER Cisco Smart Software Manager job submission detected (policy-other.rules)
* 1:60945 <-> DISABLED <-> BROWSER-CHROME Chrome JavaScript Array.map Out-of-Bounds Write attempt (browser-chrome.rules)
* 1:60944 <-> DISABLED <-> BROWSER-CHROME Chrome JavaScript Array.map Out-of-Bounds Write attempt (browser-chrome.rules)
This is the complete list of rules modified and added in the Cisco Talos Certified rule pack for Snort version 3.2.0.0.
The format of the file is:
gid:sid <-> Message
* 1:301461 <-> MALWARE-OTHER Unix.Webshell.Tas9er variant communication
* 1:301462 <-> MALWARE-CNC Unix.Webshell.Generic variant communication
* 1:301463 <-> SERVER-WEBAPP Langflow Public Flow arbitrary code execution attempt
* 1:66200 <-> MALWARE-CNC Unix.Trojan.AdaptixC2 variant communication
* 1:66204 <-> SERVER-WEBAPP Citrix NetScaler RelayState cross site scripting attempt
* 1:66205 <-> SERVER-WEBAPP Fortinet FortiClientEMS 7.4.4 SQL injection attempt
* 1:66206 <-> SERVER-WEBAPP Fortinet FortiClientEMS 7.4.4 SQL injection attempt
* 3:66207 <-> SERVER-WEBAPP Cisco Integrated Management Controller authentication bypass attempt
* 3:66208 <-> POLICY-OTHER Cisco Smart Software Manager job submission detected
* 3:66209 <-> POLICY-OTHER Cisco Smart Software Manager job submission detected
* 1:300328 <-> BROWSER-CHROME Chrome JavaScript Array.map Out-of-Bounds Write attempt
This is the complete list of rules modified and added in the Cisco Talos Certified rule pack for Snort version 3.3.5.1.
The format of the file is:
gid:sid <-> Message
* 1:301461 <-> MALWARE-OTHER Unix.Webshell.Tas9er variant communication
* 1:301462 <-> MALWARE-CNC Unix.Webshell.Generic variant communication
* 1:301463 <-> SERVER-WEBAPP Langflow Public Flow arbitrary code execution attempt
* 1:66200 <-> MALWARE-CNC Unix.Trojan.AdaptixC2 variant communication
* 1:66204 <-> SERVER-WEBAPP Citrix NetScaler RelayState cross site scripting attempt
* 1:66205 <-> SERVER-WEBAPP Fortinet FortiClientEMS 7.4.4 SQL injection attempt
* 1:66206 <-> SERVER-WEBAPP Fortinet FortiClientEMS 7.4.4 SQL injection attempt
* 3:66207 <-> SERVER-WEBAPP Cisco Integrated Management Controller authentication bypass attempt
* 3:66208 <-> POLICY-OTHER Cisco Smart Software Manager job submission detected
* 3:66209 <-> POLICY-OTHER Cisco Smart Software Manager job submission detected
* 1:300328 <-> BROWSER-CHROME Chrome JavaScript Array.map Out-of-Bounds Write attempt
This is the complete list of rules modified and added in the Cisco Talos Certified rule pack for Snort version 3.3.6.0.
The format of the file is:
gid:sid <-> Message
* 1:301461 <-> MALWARE-OTHER Unix.Webshell.Tas9er variant communication
* 1:301462 <-> MALWARE-CNC Unix.Webshell.Generic variant communication
* 1:301463 <-> SERVER-WEBAPP Langflow Public Flow arbitrary code execution attempt
* 1:66200 <-> MALWARE-CNC Unix.Trojan.AdaptixC2 variant communication
* 1:66204 <-> SERVER-WEBAPP Citrix NetScaler RelayState cross site scripting attempt
* 1:66205 <-> SERVER-WEBAPP Fortinet FortiClientEMS 7.4.4 SQL injection attempt
* 1:66206 <-> SERVER-WEBAPP Fortinet FortiClientEMS 7.4.4 SQL injection attempt
* 3:66207 <-> SERVER-WEBAPP Cisco Integrated Management Controller authentication bypass attempt
* 3:66208 <-> POLICY-OTHER Cisco Smart Software Manager job submission detected
* 3:66209 <-> POLICY-OTHER Cisco Smart Software Manager job submission detected
* 1:300328 <-> BROWSER-CHROME Chrome JavaScript Array.map Out-of-Bounds Write attempt
This is the complete list of rules modified and added in the Cisco Talos Certified rule pack for Snort version 3.3.7.0.
The format of the file is:
gid:sid <-> Message
* 1:301461 <-> MALWARE-OTHER Unix.Webshell.Tas9er variant communication
* 1:301462 <-> MALWARE-CNC Unix.Webshell.Generic variant communication
* 1:301463 <-> SERVER-WEBAPP Langflow Public Flow arbitrary code execution attempt
* 1:66200 <-> MALWARE-CNC Unix.Trojan.AdaptixC2 variant communication
* 1:66204 <-> SERVER-WEBAPP Citrix NetScaler RelayState cross site scripting attempt
* 1:66205 <-> SERVER-WEBAPP Fortinet FortiClientEMS 7.4.4 SQL injection attempt
* 1:66206 <-> SERVER-WEBAPP Fortinet FortiClientEMS 7.4.4 SQL injection attempt
* 3:66207 <-> SERVER-WEBAPP Cisco Integrated Management Controller authentication bypass attempt
* 3:66208 <-> POLICY-OTHER Cisco Smart Software Manager job submission detected
* 3:66209 <-> POLICY-OTHER Cisco Smart Software Manager job submission detected
* 1:300328 <-> BROWSER-CHROME Chrome JavaScript Array.map Out-of-Bounds Write attempt
This is the complete list of rules modified and added in the Cisco Talos Certified rule pack for Snort version 3.7.0.0.
The format of the file is:
gid:sid <-> Message
* 1:301461 <-> MALWARE-OTHER Unix.Webshell.Tas9er variant communication
* 1:301462 <-> MALWARE-CNC Unix.Webshell.Generic variant communication
* 1:301463 <-> SERVER-WEBAPP Langflow Public Flow arbitrary code execution attempt
* 1:66200 <-> MALWARE-CNC Unix.Trojan.AdaptixC2 variant communication
* 1:66204 <-> SERVER-WEBAPP Citrix NetScaler RelayState cross site scripting attempt
* 1:66205 <-> SERVER-WEBAPP Fortinet FortiClientEMS 7.4.4 SQL injection attempt
* 1:66206 <-> SERVER-WEBAPP Fortinet FortiClientEMS 7.4.4 SQL injection attempt
* 3:66207 <-> SERVER-WEBAPP Cisco Integrated Management Controller authentication bypass attempt
* 3:66208 <-> POLICY-OTHER Cisco Smart Software Manager job submission detected
* 3:66209 <-> POLICY-OTHER Cisco Smart Software Manager job submission detected
* 1:300328 <-> BROWSER-CHROME Chrome JavaScript Array.map Out-of-Bounds Write attempt
This is the complete list of rules modified and added in the Cisco Talos Certified rule pack for Snort version 3.9.0.0.
The format of the file is:
gid:sid <-> Message
* 1:301461 <-> MALWARE-OTHER Unix.Webshell.Tas9er variant communication
* 1:301462 <-> MALWARE-CNC Unix.Webshell.Generic variant communication
* 1:301463 <-> SERVER-WEBAPP Langflow Public Flow arbitrary code execution attempt
* 1:66200 <-> MALWARE-CNC Unix.Trojan.AdaptixC2 variant communication
* 1:66204 <-> SERVER-WEBAPP Citrix NetScaler RelayState cross site scripting attempt
* 1:66205 <-> SERVER-WEBAPP Fortinet FortiClientEMS 7.4.4 SQL injection attempt
* 1:66206 <-> SERVER-WEBAPP Fortinet FortiClientEMS 7.4.4 SQL injection attempt
* 3:66207 <-> SERVER-WEBAPP Cisco Integrated Management Controller authentication bypass attempt
* 3:66208 <-> POLICY-OTHER Cisco Smart Software Manager job submission detected
* 3:66209 <-> POLICY-OTHER Cisco Smart Software Manager job submission detected
* 1:300328 <-> BROWSER-CHROME Chrome JavaScript Array.map Out-of-Bounds Write attempt
This is the complete list of rules modified and added in the Cisco Talos Certified rule pack for Snort version 3.1.11.0.
The format of the file is:
gid:sid <-> Message
* 1:301461 <-> MALWARE-OTHER Unix.Webshell.Tas9er variant communication
* 1:301462 <-> MALWARE-CNC Unix.Webshell.Generic variant communication
* 1:301463 <-> SERVER-WEBAPP Langflow Public Flow arbitrary code execution attempt
* 1:66200 <-> MALWARE-CNC Unix.Trojan.AdaptixC2 variant communication
* 1:66204 <-> SERVER-WEBAPP Citrix NetScaler RelayState cross site scripting attempt
* 1:66205 <-> SERVER-WEBAPP Fortinet FortiClientEMS 7.4.4 SQL injection attempt
* 1:66206 <-> SERVER-WEBAPP Fortinet FortiClientEMS 7.4.4 SQL injection attempt
* 3:66207 <-> SERVER-WEBAPP Cisco Integrated Management Controller authentication bypass attempt
* 3:66208 <-> POLICY-OTHER Cisco Smart Software Manager job submission detected
* 3:66209 <-> POLICY-OTHER Cisco Smart Software Manager job submission detected
* 1:300328 <-> BROWSER-CHROME Chrome JavaScript Array.map Out-of-Bounds Write attempt
This is the complete list of rules modified and added in the Cisco Talos Certified rule pack for Snort version 3.1.15.0.
The format of the file is:
gid:sid <-> Message
* 1:301461 <-> MALWARE-OTHER Unix.Webshell.Tas9er variant communication
* 1:301462 <-> MALWARE-CNC Unix.Webshell.Generic variant communication
* 1:301463 <-> SERVER-WEBAPP Langflow Public Flow arbitrary code execution attempt
* 1:66200 <-> MALWARE-CNC Unix.Trojan.AdaptixC2 variant communication
* 1:66204 <-> SERVER-WEBAPP Citrix NetScaler RelayState cross site scripting attempt
* 1:66205 <-> SERVER-WEBAPP Fortinet FortiClientEMS 7.4.4 SQL injection attempt
* 1:66206 <-> SERVER-WEBAPP Fortinet FortiClientEMS 7.4.4 SQL injection attempt
* 3:66207 <-> SERVER-WEBAPP Cisco Integrated Management Controller authentication bypass attempt
* 3:66208 <-> POLICY-OTHER Cisco Smart Software Manager job submission detected
* 3:66209 <-> POLICY-OTHER Cisco Smart Software Manager job submission detected
* 1:300328 <-> BROWSER-CHROME Chrome JavaScript Array.map Out-of-Bounds Write attempt
This is the complete list of rules modified and added in the Cisco Talos Certified rule pack for Snort version 3.1.18.0.
The format of the file is:
gid:sid <-> Message
* 1:301461 <-> MALWARE-OTHER Unix.Webshell.Tas9er variant communication
* 1:301462 <-> MALWARE-CNC Unix.Webshell.Generic variant communication
* 1:301463 <-> SERVER-WEBAPP Langflow Public Flow arbitrary code execution attempt
* 1:66200 <-> MALWARE-CNC Unix.Trojan.AdaptixC2 variant communication
* 1:66204 <-> SERVER-WEBAPP Citrix NetScaler RelayState cross site scripting attempt
* 1:66205 <-> SERVER-WEBAPP Fortinet FortiClientEMS 7.4.4 SQL injection attempt
* 1:66206 <-> SERVER-WEBAPP Fortinet FortiClientEMS 7.4.4 SQL injection attempt
* 3:66207 <-> SERVER-WEBAPP Cisco Integrated Management Controller authentication bypass attempt
* 3:66208 <-> POLICY-OTHER Cisco Smart Software Manager job submission detected
* 3:66209 <-> POLICY-OTHER Cisco Smart Software Manager job submission detected
* 1:300328 <-> BROWSER-CHROME Chrome JavaScript Array.map Out-of-Bounds Write attempt
This is the complete list of rules modified and added in the Cisco Talos Certified rule pack for Snort version 3.12.0.0.
The format of the file is:
gid:sid <-> Message
* 1:301461 <-> MALWARE-OTHER Unix.Webshell.Tas9er variant communication
* 1:301462 <-> MALWARE-CNC Unix.Webshell.Generic variant communication
* 1:301463 <-> SERVER-WEBAPP Langflow Public Flow arbitrary code execution attempt
* 1:66200 <-> MALWARE-CNC Unix.Trojan.AdaptixC2 variant communication
* 1:66204 <-> SERVER-WEBAPP Citrix NetScaler RelayState cross site scripting attempt
* 1:66205 <-> SERVER-WEBAPP Fortinet FortiClientEMS 7.4.4 SQL injection attempt
* 1:66206 <-> SERVER-WEBAPP Fortinet FortiClientEMS 7.4.4 SQL injection attempt
* 3:66207 <-> SERVER-WEBAPP Cisco Integrated Management Controller authentication bypass attempt
* 3:66208 <-> POLICY-OTHER Cisco Smart Software Manager job submission detected
* 3:66209 <-> POLICY-OTHER Cisco Smart Software Manager job submission detected
* 1:300328 <-> BROWSER-CHROME Chrome JavaScript Array.map Out-of-Bounds Write attempt
This is the complete list of rules modified and added in the Cisco Talos Certified rule pack for Snort version 3.1.21.0.
The format of the file is:
gid:sid <-> Message
* 1:301461 <-> MALWARE-OTHER Unix.Webshell.Tas9er variant communication
* 1:301462 <-> MALWARE-CNC Unix.Webshell.Generic variant communication
* 1:301463 <-> SERVER-WEBAPP Langflow Public Flow arbitrary code execution attempt
* 1:66200 <-> MALWARE-CNC Unix.Trojan.AdaptixC2 variant communication
* 1:66204 <-> SERVER-WEBAPP Citrix NetScaler RelayState cross site scripting attempt
* 1:66205 <-> SERVER-WEBAPP Fortinet FortiClientEMS 7.4.4 SQL injection attempt
* 1:66206 <-> SERVER-WEBAPP Fortinet FortiClientEMS 7.4.4 SQL injection attempt
* 3:66207 <-> SERVER-WEBAPP Cisco Integrated Management Controller authentication bypass attempt
* 3:66208 <-> POLICY-OTHER Cisco Smart Software Manager job submission detected
* 3:66209 <-> POLICY-OTHER Cisco Smart Software Manager job submission detected
* 1:300328 <-> BROWSER-CHROME Chrome JavaScript Array.map Out-of-Bounds Write attempt
This is the complete list of rules modified and added in the Cisco Talos Certified rule pack for Snort version 3.1.35.0.
The format of the file is:
gid:sid <-> Message
* 1:301461 <-> MALWARE-OTHER Unix.Webshell.Tas9er variant communication
* 1:301462 <-> MALWARE-CNC Unix.Webshell.Generic variant communication
* 1:301463 <-> SERVER-WEBAPP Langflow Public Flow arbitrary code execution attempt
* 1:66200 <-> MALWARE-CNC Unix.Trojan.AdaptixC2 variant communication
* 1:66204 <-> SERVER-WEBAPP Citrix NetScaler RelayState cross site scripting attempt
* 1:66205 <-> SERVER-WEBAPP Fortinet FortiClientEMS 7.4.4 SQL injection attempt
* 1:66206 <-> SERVER-WEBAPP Fortinet FortiClientEMS 7.4.4 SQL injection attempt
* 3:66207 <-> SERVER-WEBAPP Cisco Integrated Management Controller authentication bypass attempt
* 3:66208 <-> POLICY-OTHER Cisco Smart Software Manager job submission detected
* 3:66209 <-> POLICY-OTHER Cisco Smart Software Manager job submission detected
* 1:300328 <-> BROWSER-CHROME Chrome JavaScript Array.map Out-of-Bounds Write attempt
This is the complete list of rules modified and added in the Cisco Talos Certified rule pack for Snort version 3.1.44.0.
The format of the file is:
gid:sid <-> Message
* 1:301461 <-> MALWARE-OTHER Unix.Webshell.Tas9er variant communication
* 1:301462 <-> MALWARE-CNC Unix.Webshell.Generic variant communication
* 1:301463 <-> SERVER-WEBAPP Langflow Public Flow arbitrary code execution attempt
* 1:66200 <-> MALWARE-CNC Unix.Trojan.AdaptixC2 variant communication
* 1:66204 <-> SERVER-WEBAPP Citrix NetScaler RelayState cross site scripting attempt
* 1:66205 <-> SERVER-WEBAPP Fortinet FortiClientEMS 7.4.4 SQL injection attempt
* 1:66206 <-> SERVER-WEBAPP Fortinet FortiClientEMS 7.4.4 SQL injection attempt
* 3:66207 <-> SERVER-WEBAPP Cisco Integrated Management Controller authentication bypass attempt
* 3:66208 <-> POLICY-OTHER Cisco Smart Software Manager job submission detected
* 3:66209 <-> POLICY-OTHER Cisco Smart Software Manager job submission detected
* 1:300328 <-> BROWSER-CHROME Chrome JavaScript Array.map Out-of-Bounds Write attempt
This is the complete list of rules modified and added in the Cisco Talos Certified rule pack for Snort version 3.1.47.0.
The format of the file is:
gid:sid <-> Message
* 1:301461 <-> MALWARE-OTHER Unix.Webshell.Tas9er variant communication
* 1:301462 <-> MALWARE-CNC Unix.Webshell.Generic variant communication
* 1:301463 <-> SERVER-WEBAPP Langflow Public Flow arbitrary code execution attempt
* 1:66200 <-> MALWARE-CNC Unix.Trojan.AdaptixC2 variant communication
* 1:66204 <-> SERVER-WEBAPP Citrix NetScaler RelayState cross site scripting attempt
* 1:66205 <-> SERVER-WEBAPP Fortinet FortiClientEMS 7.4.4 SQL injection attempt
* 1:66206 <-> SERVER-WEBAPP Fortinet FortiClientEMS 7.4.4 SQL injection attempt
* 3:66207 <-> SERVER-WEBAPP Cisco Integrated Management Controller authentication bypass attempt
* 3:66208 <-> POLICY-OTHER Cisco Smart Software Manager job submission detected
* 3:66209 <-> POLICY-OTHER Cisco Smart Software Manager job submission detected
* 1:300328 <-> BROWSER-CHROME Chrome JavaScript Array.map Out-of-Bounds Write attempt
This is the complete list of rules modified and added in the Cisco Talos Certified rule pack for Snort version 3.11.0.0.
The format of the file is:
gid:sid <-> Message
* 1:301461 <-> MALWARE-OTHER Unix.Webshell.Tas9er variant communication
* 1:301462 <-> MALWARE-CNC Unix.Webshell.Generic variant communication
* 1:301463 <-> SERVER-WEBAPP Langflow Public Flow arbitrary code execution attempt
* 1:66200 <-> MALWARE-CNC Unix.Trojan.AdaptixC2 variant communication
* 1:66204 <-> SERVER-WEBAPP Citrix NetScaler RelayState cross site scripting attempt
* 1:66205 <-> SERVER-WEBAPP Fortinet FortiClientEMS 7.4.4 SQL injection attempt
* 1:66206 <-> SERVER-WEBAPP Fortinet FortiClientEMS 7.4.4 SQL injection attempt
* 3:66207 <-> SERVER-WEBAPP Cisco Integrated Management Controller authentication bypass attempt
* 3:66208 <-> POLICY-OTHER Cisco Smart Software Manager job submission detected
* 3:66209 <-> POLICY-OTHER Cisco Smart Software Manager job submission detected
* 1:300328 <-> BROWSER-CHROME Chrome JavaScript Array.map Out-of-Bounds Write attempt