Snort - Network Intrusion Detection & Prevention System

Talos Rules 2026-04-23

This release adds and modifies rules in several categories.

Talos has added and modified multiple rules in the and server-webapp rule sets to provide coverage for emerging threats from these technologies.

For information about Snort Subscriber Rulesets available for purchase, please visit the Snort product page.

Change logs

29200

2026-04-23 13:31:35 UTC

Snort Subscriber Rules Update

Date: 2026-04-23

This is the complete list of rules modified and added in the Cisco Talos Certified rule pack for Snort version 2092000.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:66354 <-> DISABLED <-> SERVER-WEBAPP WordPress SEO Plugin SQL injection attempt (server-webapp.rules)
 * 1:66355 <-> DISABLED <-> SERVER-WEBAPP WordPress SEO Plugin SQL injection attempt (server-webapp.rules)
 * 1:66356 <-> DISABLED <-> SERVER-WEBAPP WordPress SEO Plugin SQL injection attempt (server-webapp.rules)
 * 1:66357 <-> DISABLED <-> SERVER-WEBAPP WordPress My Calendar Plugin SQL injection attempt (server-webapp.rules)
 * 1:66358 <-> DISABLED <-> SERVER-WEBAPP WordPress My Calendar Plugin SQL injection attempt (server-webapp.rules)
 * 1:66359 <-> DISABLED <-> SERVER-WEBAPP WordPress My Calendar Plugin SQL injection attempt (server-webapp.rules)
 * 1:66360 <-> DISABLED <-> SERVER-WEBAPP WordPress WP Statistics Plugin SQL injection attempt (server-webapp.rules)
 * 1:66361 <-> DISABLED <-> SERVER-WEBAPP WordPress WP Statistics Plugin SQL injection attempt (server-webapp.rules)
 * 1:66362 <-> DISABLED <-> SERVER-WEBAPP WordPress WP Statistics Plugin SQL injection attempt (server-webapp.rules)
 * 1:66363 <-> DISABLED <-> SERVER-WEBAPP WordPress Photo Gallery Plugin SQL injection attempt (server-webapp.rules)
 * 1:66364 <-> DISABLED <-> SERVER-WEBAPP WordPress Photo Gallery Plugin SQL injection attempt (server-webapp.rules)
 * 1:66365 <-> DISABLED <-> SERVER-WEBAPP WordPress Photo Gallery Plugin SQL injection attempt (server-webapp.rules)
 * 1:66366 <-> DISABLED <-> SERVER-WEBAPP Arcserve UDP ASNative.dll denial of service attempt (server-webapp.rules)
 * 1:66367 <-> DISABLED <-> SERVER-WEBAPP Kentico Xperience webshell upload attempt (server-webapp.rules)
 * 1:66368 <-> DISABLED <-> SERVER-WEBAPP SonicWall GMS SQL injection attempt (server-webapp.rules)
 * 1:66369 <-> DISABLED <-> SERVER-WEBAPP SonicWall GMS SQL injection attempt (server-webapp.rules)
 * 1:66370 <-> DISABLED <-> SERVER-WEBAPP SonicWall GMS SQL injection attempt (server-webapp.rules)
 * 1:66371 <-> DISABLED <-> SERVER-WEBAPP Netgear ProSAFE NMS300 SQL injection attempt (server-webapp.rules)
 * 1:66372 <-> DISABLED <-> SERVER-WEBAPP Netgear ProSAFE NMS300 SQL injection attempt (server-webapp.rules)
 * 1:66373 <-> DISABLED <-> SERVER-WEBAPP Netgear ProSAFE NMS300 SQL injection attempt (server-webapp.rules)
 * 1:66374 <-> DISABLED <-> SERVER-WEBAPP Yawave WordPress Plugin SQL injection attempt (server-webapp.rules)
 * 1:66375 <-> DISABLED <-> SERVER-WEBAPP Yawave WordPress Plugin SQL injection attempt (server-webapp.rules)
 * 1:66376 <-> DISABLED <-> SERVER-WEBAPP Yawave WordPress Plugin SQL injection attempt (server-webapp.rules)
 * 3:66377 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2026-2379 attack attempt (server-webapp.rules)
 * 3:66378 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2026-2379 attack attempt (server-webapp.rules)
 * 3:66379 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2026-2379 attack attempt (server-webapp.rules)
 * 3:66380 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2026-2379 attack attempt (server-other.rules)

Modified Rules:


 * 1:66336 <-> DISABLED <-> SERVER-WEBAPP FlowiseAI Flowise arbitrary code execution attempt (server-webapp.rules)

29181

2026-04-23 13:31:35 UTC

Snort Subscriber Rules Update

Date: 2026-04-23

This is the complete list of rules modified and added in the Cisco Talos Certified rule pack for Snort version 2091801.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:66369 <-> DISABLED <-> SERVER-WEBAPP SonicWall GMS SQL injection attempt (server-webapp.rules)
 * 1:66368 <-> DISABLED <-> SERVER-WEBAPP SonicWall GMS SQL injection attempt (server-webapp.rules)
 * 1:66370 <-> DISABLED <-> SERVER-WEBAPP SonicWall GMS SQL injection attempt (server-webapp.rules)
 * 1:66375 <-> DISABLED <-> SERVER-WEBAPP Yawave WordPress Plugin SQL injection attempt (server-webapp.rules)
 * 1:66376 <-> DISABLED <-> SERVER-WEBAPP Yawave WordPress Plugin SQL injection attempt (server-webapp.rules)
 * 1:66356 <-> DISABLED <-> SERVER-WEBAPP WordPress SEO Plugin SQL injection attempt (server-webapp.rules)
 * 1:66354 <-> DISABLED <-> SERVER-WEBAPP WordPress SEO Plugin SQL injection attempt (server-webapp.rules)
 * 1:66357 <-> DISABLED <-> SERVER-WEBAPP WordPress My Calendar Plugin SQL injection attempt (server-webapp.rules)
 * 1:66358 <-> DISABLED <-> SERVER-WEBAPP WordPress My Calendar Plugin SQL injection attempt (server-webapp.rules)
 * 1:66359 <-> DISABLED <-> SERVER-WEBAPP WordPress My Calendar Plugin SQL injection attempt (server-webapp.rules)
 * 1:66360 <-> DISABLED <-> SERVER-WEBAPP WordPress WP Statistics Plugin SQL injection attempt (server-webapp.rules)
 * 1:66361 <-> DISABLED <-> SERVER-WEBAPP WordPress WP Statistics Plugin SQL injection attempt (server-webapp.rules)
 * 1:66362 <-> DISABLED <-> SERVER-WEBAPP WordPress WP Statistics Plugin SQL injection attempt (server-webapp.rules)
 * 1:66363 <-> DISABLED <-> SERVER-WEBAPP WordPress Photo Gallery Plugin SQL injection attempt (server-webapp.rules)
 * 1:66364 <-> DISABLED <-> SERVER-WEBAPP WordPress Photo Gallery Plugin SQL injection attempt (server-webapp.rules)
 * 1:66365 <-> DISABLED <-> SERVER-WEBAPP WordPress Photo Gallery Plugin SQL injection attempt (server-webapp.rules)
 * 1:66366 <-> DISABLED <-> SERVER-WEBAPP Arcserve UDP ASNative.dll denial of service attempt (server-webapp.rules)
 * 1:66367 <-> DISABLED <-> SERVER-WEBAPP Kentico Xperience webshell upload attempt (server-webapp.rules)
 * 1:66372 <-> DISABLED <-> SERVER-WEBAPP Netgear ProSAFE NMS300 SQL injection attempt (server-webapp.rules)
 * 1:66371 <-> DISABLED <-> SERVER-WEBAPP Netgear ProSAFE NMS300 SQL injection attempt (server-webapp.rules)
 * 1:66373 <-> DISABLED <-> SERVER-WEBAPP Netgear ProSAFE NMS300 SQL injection attempt (server-webapp.rules)
 * 1:66374 <-> DISABLED <-> SERVER-WEBAPP Yawave WordPress Plugin SQL injection attempt (server-webapp.rules)
 * 1:66355 <-> DISABLED <-> SERVER-WEBAPP WordPress SEO Plugin SQL injection attempt (server-webapp.rules)
 * 3:66377 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2026-2379 attack attempt (server-webapp.rules)
 * 3:66378 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2026-2379 attack attempt (server-webapp.rules)
 * 3:66379 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2026-2379 attack attempt (server-webapp.rules)
 * 3:66380 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2026-2379 attack attempt (server-other.rules)

Modified Rules:


 * 1:66336 <-> DISABLED <-> SERVER-WEBAPP FlowiseAI Flowise arbitrary code execution attempt (server-webapp.rules)

29171

2026-04-23 13:31:35 UTC

Snort Subscriber Rules Update

Date: 2026-04-23

This is the complete list of rules modified and added in the Cisco Talos Certified rule pack for Snort version 2091701.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:66369 <-> DISABLED <-> SERVER-WEBAPP SonicWall GMS SQL injection attempt (server-webapp.rules)
 * 1:66370 <-> DISABLED <-> SERVER-WEBAPP SonicWall GMS SQL injection attempt (server-webapp.rules)
 * 1:66371 <-> DISABLED <-> SERVER-WEBAPP Netgear ProSAFE NMS300 SQL injection attempt (server-webapp.rules)
 * 1:66356 <-> DISABLED <-> SERVER-WEBAPP WordPress SEO Plugin SQL injection attempt (server-webapp.rules)
 * 1:66373 <-> DISABLED <-> SERVER-WEBAPP Netgear ProSAFE NMS300 SQL injection attempt (server-webapp.rules)
 * 1:66374 <-> DISABLED <-> SERVER-WEBAPP Yawave WordPress Plugin SQL injection attempt (server-webapp.rules)
 * 1:66375 <-> DISABLED <-> SERVER-WEBAPP Yawave WordPress Plugin SQL injection attempt (server-webapp.rules)
 * 1:66357 <-> DISABLED <-> SERVER-WEBAPP WordPress My Calendar Plugin SQL injection attempt (server-webapp.rules)
 * 1:66376 <-> DISABLED <-> SERVER-WEBAPP Yawave WordPress Plugin SQL injection attempt (server-webapp.rules)
 * 1:66372 <-> DISABLED <-> SERVER-WEBAPP Netgear ProSAFE NMS300 SQL injection attempt (server-webapp.rules)
 * 1:66361 <-> DISABLED <-> SERVER-WEBAPP WordPress WP Statistics Plugin SQL injection attempt (server-webapp.rules)
 * 1:66354 <-> DISABLED <-> SERVER-WEBAPP WordPress SEO Plugin SQL injection attempt (server-webapp.rules)
 * 1:66367 <-> DISABLED <-> SERVER-WEBAPP Kentico Xperience webshell upload attempt (server-webapp.rules)
 * 1:66368 <-> DISABLED <-> SERVER-WEBAPP SonicWall GMS SQL injection attempt (server-webapp.rules)
 * 1:66366 <-> DISABLED <-> SERVER-WEBAPP Arcserve UDP ASNative.dll denial of service attempt (server-webapp.rules)
 * 1:66359 <-> DISABLED <-> SERVER-WEBAPP WordPress My Calendar Plugin SQL injection attempt (server-webapp.rules)
 * 1:66355 <-> DISABLED <-> SERVER-WEBAPP WordPress SEO Plugin SQL injection attempt (server-webapp.rules)
 * 1:66358 <-> DISABLED <-> SERVER-WEBAPP WordPress My Calendar Plugin SQL injection attempt (server-webapp.rules)
 * 1:66362 <-> DISABLED <-> SERVER-WEBAPP WordPress WP Statistics Plugin SQL injection attempt (server-webapp.rules)
 * 1:66364 <-> DISABLED <-> SERVER-WEBAPP WordPress Photo Gallery Plugin SQL injection attempt (server-webapp.rules)
 * 1:66363 <-> DISABLED <-> SERVER-WEBAPP WordPress Photo Gallery Plugin SQL injection attempt (server-webapp.rules)
 * 1:66365 <-> DISABLED <-> SERVER-WEBAPP WordPress Photo Gallery Plugin SQL injection attempt (server-webapp.rules)
 * 1:66360 <-> DISABLED <-> SERVER-WEBAPP WordPress WP Statistics Plugin SQL injection attempt (server-webapp.rules)
 * 3:66378 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2026-2379 attack attempt (server-webapp.rules)
 * 3:66379 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2026-2379 attack attempt (server-webapp.rules)
 * 3:66380 <-> ENABLED <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2026-2379 attack attempt (server-other.rules)
 * 3:66377 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2026-2379 attack attempt (server-webapp.rules)

Modified Rules:


 * 1:66336 <-> DISABLED <-> SERVER-WEBAPP FlowiseAI Flowise arbitrary code execution attempt (server-webapp.rules)

3200

2026-04-23 13:35:21 UTC

Snort Subscriber Rules Update

Date: 2026-04-22-001

This is the complete list of rules modified and added in the Cisco Talos Certified rule pack for Snort version 3.2.0.0.

The format of the file is:

gid:sid <-> Message

New Rules:

* 1:66354 <-> SERVER-WEBAPP WordPress SEO Plugin SQL injection attempt
* 1:66355 <-> SERVER-WEBAPP WordPress SEO Plugin SQL injection attempt
* 1:66356 <-> SERVER-WEBAPP WordPress SEO Plugin SQL injection attempt
* 1:66357 <-> SERVER-WEBAPP WordPress My Calendar Plugin SQL injection attempt
* 1:66358 <-> SERVER-WEBAPP WordPress My Calendar Plugin SQL injection attempt
* 1:66359 <-> SERVER-WEBAPP WordPress My Calendar Plugin SQL injection attempt
* 1:66360 <-> SERVER-WEBAPP WordPress WP Statistics Plugin SQL injection attempt
* 1:66361 <-> SERVER-WEBAPP WordPress WP Statistics Plugin SQL injection attempt
* 1:66362 <-> SERVER-WEBAPP WordPress WP Statistics Plugin SQL injection attempt
* 1:66363 <-> SERVER-WEBAPP WordPress Photo Gallery Plugin SQL injection attempt
* 1:66364 <-> SERVER-WEBAPP WordPress Photo Gallery Plugin SQL injection attempt
* 1:66365 <-> SERVER-WEBAPP WordPress Photo Gallery Plugin SQL injection attempt
* 1:66366 <-> SERVER-WEBAPP Arcserve UDP ASNative.dll denial of service attempt
* 1:66367 <-> SERVER-WEBAPP Kentico Xperience webshell upload attempt
* 1:66368 <-> SERVER-WEBAPP SonicWall GMS SQL injection attempt
* 1:66369 <-> SERVER-WEBAPP SonicWall GMS SQL injection attempt
* 1:66370 <-> SERVER-WEBAPP SonicWall GMS SQL injection attempt
* 1:66371 <-> SERVER-WEBAPP Netgear ProSAFE NMS300 SQL injection attempt
* 1:66372 <-> SERVER-WEBAPP Netgear ProSAFE NMS300 SQL injection attempt
* 1:66373 <-> SERVER-WEBAPP Netgear ProSAFE NMS300 SQL injection attempt
* 1:66374 <-> SERVER-WEBAPP Yawave WordPress Plugin SQL injection attempt
* 1:66375 <-> SERVER-WEBAPP Yawave WordPress Plugin SQL injection attempt
* 1:66376 <-> SERVER-WEBAPP Yawave WordPress Plugin SQL injection attempt
* 3:66377 <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2026-2379 attack attempt
* 3:66378 <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2026-2379 attack attempt
* 3:66379 <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2026-2379 attack attempt
* 3:66380 <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2026-2379 attack attempt

Modified Rules:

* 1:53688 <-> SERVER-WEBAPP Adobe Experience Manager server side request forgery attempt
* 1:53733 <-> SERVER-WEBAPP IBM Data Risk Manager directory traversal attempt
* 1:53734 <-> SERVER-WEBAPP IBM Data Risk Manager nmap scan command execution attempt
* 1:53857 <-> SERVER-WEBAPP Grandstream UCM6202 series SQL injection attempt
* 1:53858 <-> SERVER-WEBAPP Grandstream UCM6202 series SQL injection attempt
* 1:53859 <-> SERVER-WEBAPP Grandstream UCM6202 series SQL injection attempt
* 1:53860 <-> SERVER-WEBAPP Centurylink router unauthenticated administrator account disable attempt
* 1:53967 <-> SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt
* 1:53968 <-> SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt
* 1:53969 <-> SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt
* 1:53970 <-> SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt
* 1:54003 <-> SERVER-WEBAPP Axway SecureTransport XML external entity injection attempt
* 1:54012 <-> SERVER-WEBAPP ASUS ASUSWRT appGet.cgi command injection attempt
* 1:54195 <-> SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt
* 1:54196 <-> SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt
* 1:54197 <-> SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt
* 1:54198 <-> SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt
* 1:54272 <-> SERVER-WEBAPP Centreon Monitoring tool command injection attempt
* 1:54273 <-> SERVER-WEBAPP Centreon Monitoring tool command injection attempt
* 1:54405 <-> SERVER-WEBAPP PHP php_strip_tags_ex function out-of-bounds read attempt
* 1:54462 <-> SERVER-WEBAPP F5 BIG-IP Traffic Management User Interface remote code execution attempt
* 1:54484 <-> SERVER-WEBAPP F5 BIG-IP Traffic Management User Interface remote code execution attempt
* 1:54511 <-> SERVER-WEBAPP Microsoft Windows .NET API XML unsafe deserialization attempt
* 1:54556 <-> SERVER-WEBAPP BSA Radar local file inclusion attempt
* 1:54558 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54559 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54565 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54566 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54567 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54569 <-> SERVER-WEBAPP Barangay Management System SQL injection attempt
* 1:54570 <-> SERVER-WEBAPP Barangay Management System SQL injection attempt
* 1:54596 <-> SERVER-WEBAPP WordPress bbPress plugin unauthenticated privilege escalation attempt
* 1:54597 <-> SERVER-WEBAPP WordPress bbPress plugin unauthenticated privilege escalation attempt
* 1:54602 <-> SERVER-WEBAPP Laravel Framework PendingCommand arbitrary command execution attempt
* 1:54603 <-> SERVER-WEBAPP Laravel Framework PendingCommand arbitrary command execution attempt
* 1:54617 <-> SERVER-WEBAPP GeoVision Door Access Control hidden url access attempt
* 1:54629 <-> SERVER-WEBAPP Microsoft Windows .NET API XML unsafe deserialization attempt
* 1:54649 <-> SERVER-WEBAPP Apache Kylin REST API migrate command injection attempt
* 1:54650 <-> SERVER-WEBAPP Apache Kylin REST API migrate command injection attempt
* 1:54670 <-> SERVER-WEBAPP Rockwell FactoryTalk View SE project list disclosure attempt
* 1:54671 <-> SERVER-WEBAPP Rockwell FactoryTalk View SE project information disclosure attempt
* 1:54672 <-> SERVER-WEBAPP Rockwell FactoryTalk View SE remote code execution attempt
* 1:54674 <-> SERVER-WEBAPP Rockwell FactoryTalk View SE remote project copy attempt
* 1:54684 <-> SERVER-WEBAPP Microsoft Windows .NET API XML unsafe deserialization attempt
* 1:54767 <-> SERVER-WEBAPP vBulletin template rendering arbitrary PHP code execution attempt
* 1:54768 <-> SERVER-WEBAPP vBulletin template rendering arbitrary PHP code execution attempt
* 1:54794 <-> SERVER-WEBAPP Zeroshell Linux Router command injection attempt
* 1:54795 <-> SERVER-WEBAPP Zeroshell Linux Router command injection attempt
* 1:54796 <-> SERVER-WEBAPP Zeroshell Linux Router command injection attempt
* 1:54797 <-> SERVER-WEBAPP Zeroshell Linux Router command injection attempt
* 1:54824 <-> SERVER-WEBAPP Intellian Aptus Web arbitrary command execution attempt
* 1:55778 <-> SERVER-WEBAPP Wordpress File Manager plugin elFinder remote code execution attempt
* 1:55797 <-> SERVER-WEBAPP Wordpress plugin WP Database Reset database reset attempt
* 1:55823 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:55824 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:55825 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:55826 <-> SERVER-WEBAPP Microsoft Exchange Server DlpUtils remote code execution attempt
* 1:55827 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet multiple functions SQL injection attempt
* 1:55828 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet multiple functions SQL injection attempt
* 1:55829 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet multiple functions SQL injection attempt
* 1:55834 <-> SERVER-WEBAPP Wordpress Nexos theme cross site scripting attempt
* 1:55835 <-> SERVER-WEBAPP Wordpress Nexos theme cross site scripting attempt
* 1:55836 <-> SERVER-WEBAPP Wordpress Nexos theme SQL injection attempt
* 1:55837 <-> SERVER-WEBAPP Wordpress Nexos theme SQL injection attempt
* 1:55838 <-> SERVER-WEBAPP Wordpress Nexos theme SQL injection attempt
* 1:55839 <-> SERVER-WEBAPP Multiple products DVR admin password leak attempt
* 1:55918 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:55919 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:55920 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:55921 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:55981 <-> SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 command injection attempt
* 1:56005 <-> SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 SQL injection attempt
* 1:56006 <-> SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 SQL injection attempt
* 1:56007 <-> SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 SQL injection attempt
* 1:56082 <-> SERVER-WEBAPP Wordpress WP Database Backup plug-in command injection attempt
* 1:56083 <-> SERVER-WEBAPP Wordpress WP Database Backup plug-in command injection attempt
* 1:56135 <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt
* 1:56136 <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt
* 1:56138 <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt
* 1:56154 <-> SERVER-WEBAPP MobileIron Core & Connector remote code execution attempt
* 1:56155 <-> SERVER-WEBAPP MobileIron Core & Connector remote code execution attempt
* 1:56162 <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt
* 1:56200 <-> SERVER-WEBAPP Oracle WebLogic Server command injection attempt
* 1:56201 <-> SERVER-WEBAPP Oracle WebLogic Server command injection attempt
* 1:56202 <-> SERVER-WEBAPP Oracle WebLogic Server command injection attempt
* 1:56203 <-> SERVER-WEBAPP Oracle WebLogic Server command injection attempt
* 1:56304 <-> SERVER-WEBAPP Microsoft SharePoint remote code execution attempt
* 1:56305 <-> SERVER-WEBAPP Microsoft SharePoint remote code execution attempt
* 1:56404 <-> SERVER-WEBAPP Cisco Security Manager XmpFileUploadServlet arbitrary JSP file upload attempt
* 1:56405 <-> SERVER-WEBAPP Cisco Security Manager XmpFileUploadServlet directory traversal attempt
* 1:56414 <-> SERVER-WEBAPP Cisco Security Manager XmpFileDownloadServlet directory traversal attempt
* 1:56415 <-> SERVER-WEBAPP Cisco Security Manager XmpFileDownloadServlet directory traversal attempt
* 1:56416 <-> SERVER-WEBAPP Cisco Security Manager XmpFileDownloadServlet directory traversal attempt
* 1:56417 <-> SERVER-WEBAPP Cisco Security Manager SampleFileDownloadServlet directory traversal attempt
* 1:56418 <-> SERVER-WEBAPP Cisco Security Manager SampleFileDownloadServlet directory traversal attempt
* 1:56419 <-> SERVER-WEBAPP Cisco Security Manager SampleFileDownloadServlet directory traversal attempt
* 1:56420 <-> SERVER-WEBAPP Cisco Security Manager resultsFrame directory traversal attempt
* 1:56421 <-> SERVER-WEBAPP Cisco Security Manager resultsFrame directory traversal attempt
* 1:56422 <-> SERVER-WEBAPP Cisco Security Manager resultsFrame directory traversal attempt
* 1:56423 <-> SERVER-WEBAPP Cisco Security Manager xdmProxy directory traversal attempt
* 1:56432 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:56433 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:56434 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:56435 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:56497 <-> SERVER-WEBAPP Multiple Products Java Faces ViewState deserialization remote code execution attempt
* 1:56519 <-> SERVER-WEBAPP WordPress plugin Autoptimize arbitrary PHP file upload attempt
* 1:56520 <-> SERVER-WEBAPP QNAP QTS and Photo Station directory traversal attempt
* 1:56521 <-> SERVER-WEBAPP QNAP QTS and Photo Station directory traversal attempt
* 1:56522 <-> SERVER-WEBAPP QNAP QTS and Photo Station directory traversal attempt
* 1:56523 <-> SERVER-WEBAPP Joomla Core Featured Article SQL injection attempt
* 1:56524 <-> SERVER-WEBAPP Joomla Core Featured Article SQL injection attempt
* 1:56525 <-> SERVER-WEBAPP Joomla Core Featured Article SQL injection attempt
* 1:56532 <-> SERVER-WEBAPP Advantech WebAccess NMS directory traversal attempt
* 1:56533 <-> SERVER-WEBAPP Advantech WebAccess NMS directory traversal attempt
* 1:56534 <-> SERVER-WEBAPP Advantech WebAccess NMS directory traversal attempt
* 1:56545 <-> SERVER-WEBAPP rConfig commands.inc.php SQL injection attempt
* 1:56550 <-> SERVER-WEBAPP Ruckus IoT Controller Web UI authentication bypass attempt
* 1:56551 <-> SERVER-WEBAPP  Ruckus IoT Controller Web UI OS username command injection attempt
* 1:56557 <-> SERVER-WEBAPP Microsoft Dynamics365 Finance and Operations remote code execution attempt
* 1:56558 <-> SERVER-WEBAPP Microsoft Dynamics365 Finance and Operations remote code execution attempt
* 1:56586 <-> SERVER-WEBAPP Zoho ManageEngine ServiceDesk Plus arbitrary JSP file upload attempt
* 1:56604 <-> SERVER-WEBAPP Microsoft Dynamics NAV remote code execution attempt
* 1:56624 <-> SERVER-WEBAPP rConfig command injection attempt
* 1:56625 <-> SERVER-WEBAPP rConfig command injection attempt
* 1:56626 <-> SERVER-WEBAPP rConfig command injection attempt
* 1:56627 <-> SERVER-WEBAPP rConfig command injection attempt
* 1:56799 <-> SERVER-WEBAPP Liferay arbitrary Java object deserialization attempt
* 1:56800 <-> SERVER-WEBAPP Liferay arbitrary Java object deserialization attempt
* 1:56823 <-> SERVER-WEBAPP Citrix CakePHP command injection attempt
* 1:56824 <-> SERVER-WEBAPP Citrix CakePHP command injection attempt
* 1:56826 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56827 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56828 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56829 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56830 <-> SERVER-WEBAPP WordPress Adning Advertising plugin arbitrary PHP file upload attempt
* 1:56831 <-> SERVER-WEBAPP WordPress Adning Advertising plugin arbitrary PHP file upload attempt
* 1:56877 <-> SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt
* 1:56878 <-> SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt
* 1:56879 <-> SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt
* 1:56880 <-> SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt
* 1:56916 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56917 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56934 <-> SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt
* 1:56935 <-> SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt
* 1:56936 <-> SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt
* 1:56937 <-> SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt
* 1:56990 <-> SERVER-WEBAPP Apache Unomi OGNL MVEL2 remote command execution attempt
* 1:57002 <-> SERVER-WEBAPP Belkin Wemo UPnP cross site scripting attempt
* 1:57048 <-> SERVER-WEBAPP SaltStack Salt API SSH Client command injection attempt
* 1:57049 <-> SERVER-WEBAPP SaltStack Salt API SSH Client command injection attempt
* 1:57072 <-> SERVER-WEBAPP Cisco RV Series Routers directory traversal attempt
* 1:57074 <-> SERVER-WEBAPP Cisco RV Series Routers directory traversal attempt
* 1:57075 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57076 <-> SERVER-WEBAPP Cisco RV Series Routers command injection attempt
* 1:57078 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57079 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57080 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57081 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57082 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57084 <-> SERVER-WEBAPP Cisco RV series routers command injection attempt
* 1:57085 <-> SERVER-WEBAPP Cisco RV series routers command injection attempt
* 1:57086 <-> SERVER-WEBAPP Cisco RV Series routers command injection attempt
* 1:57088 <-> SERVER-WEBAPP Cisco Small Business RV Series routers command injection attempt
* 1:57089 <-> SERVER-WEBAPP Cisco Small Business RV Series routers command injection attempt
* 1:57095 <-> SERVER-WEBAPP Cisco RV Series routers command injection attempt
* 1:57096 <-> SERVER-WEBAPP Cisco RV Series routers command injection attempt
* 1:57098 <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt
* 1:57099 <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt
* 1:57100 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57101 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57102 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57105 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57109 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57110 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57113 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57114 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57126 <-> SERVER-WEBAPP Monstra CMS cross-site scripting attempt
* 1:57127 <-> SERVER-WEBAPP Monstra CMS cross-site scripting attempt
* 1:57158 <-> SERVER-WEBAPP Oracle WebLogic consolejndi remote code execution attempt
* 1:57159 <-> SERVER-WEBAPP Oracle WebLogic consolejndi remote code execution attempt
* 1:57176 <-> SERVER-WEBAPP MikroTik RouterOS buffer overflow attempt
* 1:57177 <-> SERVER-WEBAPP MikroTik RouterOS buffer overflow attempt
* 1:57178 <-> SERVER-WEBAPP Monstra CMS registration form cross site scripting attempt
* 1:57179 <-> SERVER-WEBAPP Monstra CMS registration form cross site scripting attempt
* 1:57182 <-> SERVER-WEBAPP VMware administrative configurator component command injection attempt
* 1:57183 <-> SERVER-WEBAPP VMware administrative configurator component command injection attempt
* 1:57184 <-> SERVER-WEBAPP VMware administrative configurator component command injection attempt
* 1:57185 <-> SERVER-WEBAPP VMware administrative configurator component command injection attempt
* 1:57188 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center arbitrary Java object deserialization attempt
* 1:57224 <-> SERVER-WEBAPP Trend Micro Control Manager directory traversal attempt
* 1:57225 <-> SERVER-WEBAPP Trend Micro Control Manager directory traversal attempt
* 1:57226 <-> SERVER-WEBAPP Trend Micro Control Manager directory traversal attempt
* 1:57229 <-> SERVER-WEBAPP VMware vSphere Client vROPs plugin remote code execution attempt
* 1:57241 <-> SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt
* 1:57242 <-> SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt
* 1:57243 <-> SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt
* 1:57244 <-> SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt
* 1:57245 <-> SERVER-WEBAPP Microsoft Exchange Server arbitrary file write attempt
* 1:57246 <-> SERVER-WEBAPP Microsoft Exchange Server arbitrary file write attempt
* 1:57275 <-> SERVER-WEBAPP ysoserial TypeConfuseDelegate deserialization exploit attempt
* 1:57276 <-> SERVER-WEBAPP Microsoft SharePoint potential deserialization attempt
* 1:57283 <-> SERVER-WEBAPP Liferay arbitrary Java object deserialization attempt
* 1:57298 <-> SERVER-WEBAPP F5 iControl REST interface command injection attempt
* 1:57324 <-> SERVER-WEBAPP Netis WF2419 router command injection attempt
* 1:57325 <-> SERVER-WEBAPP Netis WF2419 router command injection attempt
* 1:57326 <-> SERVER-WEBAPP Netis WF2419 router command injection attempt
* 1:57327 <-> SERVER-WEBAPP Netis WF2419 router command injection attempt
* 1:57328 <-> SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt
* 1:57329 <-> SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt
* 1:57330 <-> SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt
* 1:57331 <-> SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt
* 1:57332 <-> SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt
* 1:57333 <-> SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt
* 1:57334 <-> SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt
* 1:57335 <-> SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt
* 1:57337 <-> SERVER-WEBAPP F5 iControl REST interface ssrf attempt
* 1:57389 <-> SERVER-WEBAPP Advantech iView DeviceTreeTable directory traversal attempt
* 1:57390 <-> SERVER-WEBAPP Advantech iView DeviceTreeTable directory traversal attempt
* 1:57391 <-> SERVER-WEBAPP Advantech iView DeviceTreeTable directory traversal attempt
* 1:57406 <-> SERVER-WEBAPP Palo Alto Networks management interface command injection attempt
* 1:57407 <-> SERVER-WEBAPP Palo Alto Networks management interface command injection attempt
* 1:57408 <-> SERVER-WEBAPP Palo Alto Networks management interface command injection attempt
* 1:57409 <-> SERVER-WEBAPP Palo Alto Networks management interface command injection attempt
* 1:57412 <-> SERVER-WEBAPP Nagios XI do_update_user SQL injection attempt
* 1:57413 <-> SERVER-WEBAPP Nagios XI do_update_user SQL injection attempt
* 1:57426 <-> SERVER-WEBAPP Zend and laminas-http frameworks streamName PHP object injection attempt
* 1:57434 <-> SERVER-WEBAPP VMware vRealize Operations Manager directory traversal attempt
* 1:57435 <-> SERVER-WEBAPP VMware vRealize Operations Manager SSRF attempt
* 1:57436 <-> SERVER-WEBAPP VMware View Planner logupload directory traversal attempt
* 1:57437 <-> SERVER-WEBAPP VMware View Planner logupload directory traversal attempt
* 1:57438 <-> SERVER-WEBAPP VMware View Planner logupload arbitrary file upload attempt
* 1:57439 <-> SERVER-WEBAPP VMware View Planner logupload arbitrary file upload attempt
* 1:57442 <-> SERVER-WEBAPP Terramaster TOS command injection attempt
* 1:57443 <-> SERVER-WEBAPP Terramaster TOS command injection attempt
* 1:57444 <-> SERVER-WEBAPP Terramaster TOS command injection attempt
* 1:57445 <-> SERVER-WEBAPP Terramaster TOS command injection attempt
* 1:57449 <-> SERVER-WEBAPP F5 TMM crafted IPv6 URI buffer overflow attempt
* 1:57453 <-> SERVER-WEBAPP Pulse Connect Secure remote code execution attempt
* 1:57481 <-> SERVER-WEBAPP ManageEngine OpManager directory traversal attempt
* 1:57482 <-> SERVER-WEBAPP ManageEngine OpManager directory traversal attempt
* 1:57483 <-> SERVER-WEBAPP ManageEngine OpManager directory traversal attempt
* 1:57487 <-> SERVER-WEBAPP Microsoft Exchange MeetingHandler remote code execution attempt
* 1:57490 <-> SERVER-WEBAPP Klog Server authenticate.php user command injection attempt
* 1:57491 <-> SERVER-WEBAPP Klog Server authenticate.php user command injection attempt
* 1:57492 <-> SERVER-WEBAPP Klog Server authenticate.php user command injection attempt
* 1:57493 <-> SERVER-WEBAPP Klog Server authenticate.php user command injection attempt
* 1:57494 <-> SERVER-WEBAPP Micro Focus Operations Bridge Manager remote code execution attempt
* 1:57500 <-> SERVER-WEBAPP HPE Intelligent Management Center IccSelectDevTypeBean Expression Language Injection Java expression language injection attempt
* 1:57511 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57512 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57513 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57514 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57515 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57516 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57517 <-> SERVER-WEBAPP Serendipity index.php SQL injection attempt
* 1:57518 <-> SERVER-WEBAPP Serendipity index.php SQL injection attempt
* 1:57519 <-> SERVER-WEBAPP Serendipity index.php SQL injection attempt
* 1:57548 <-> SERVER-WEBAPP Microsoft SharePoint authenticated remote code execution attempt
* 1:57570 <-> SERVER-WEBAPP WordPRess DZS Video Gallery directory traversal attempt
* 1:57571 <-> SERVER-WEBAPP WordPRess DZS Video Gallery directory traversal attempt
* 1:57572 <-> SERVER-WEBAPP WordPRess DZS Video Gallery directory traversal attempt
* 1:57573 <-> SERVER-WEBAPP WordPress DZS Video Gallery remote file include attempt
* 1:57574 <-> SERVER-WEBAPP WordPress DZS Video Gallery remote file include attempt
* 1:57720 <-> SERVER-WEBAPP VMWare vSphere Client remote code execution attempt
* 1:57761 <-> SERVER-WEBAPP TP-Link WiFi router authenticated PingIframeRpm stack buffer overflow attempt
* 1:57762 <-> SERVER-WEBAPP TP-Link WiFi router authenticated WanStaticIpV6CfgRpm stack buffer overflow attempt
* 1:57809 <-> SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt
* 1:57810 <-> SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt
* 1:57811 <-> SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt
* 1:57812 <-> SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt
* 1:57834 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center remote code execution attempt
* 1:57841 <-> SERVER-WEBAPP Nagios Fusion command injection attempt
* 1:57856 <-> SERVER-WEBAPP Cisco ASA cross site scripting attempt
* 1:57857 <-> SERVER-WEBAPP Cisco ASA cross site scripting attempt
* 1:57860 <-> SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt
* 1:57861 <-> SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt
* 1:57862 <-> SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt
* 1:57863 <-> SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt
* 1:57872 <-> SERVER-WEBAPP Facade Ignition remote code execution attempt
* 1:57902 <-> SERVER-WEBAPP HPE Systems Insight Manager remote code execution attempt
* 1:57906 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:57907 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:57908 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:57909 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:57910 <-> SERVER-WEBAPP Microsoft SharePoint Server authenticated remote code execution attempt
* 1:57911 <-> SERVER-WEBAPP Nagios XI monitoringplugins.php command injection attempt
* 1:57912 <-> SERVER-WEBAPP ForgeRock Open Access Manager remote code execution attempt
* 1:57913 <-> SERVER-WEBAPP ForgeRock Open Access Manager remote code execution attempt
* 1:57954 <-> SERVER-WEBAPP Velocloud VMware SD-WAN Orchestrator SQL injection attempt
* 1:57983 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:58018 <-> SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt
* 1:58019 <-> SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt
* 1:58020 <-> SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt
* 1:58021 <-> SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt
* 1:58026 <-> SERVER-WEBAPP Zoho ManageEngine OpManager OPMDeviceDetailsServlet SQL injection attempt
* 1:58027 <-> SERVER-WEBAPP Zoho ManageEngine OpManager OPMDeviceDetailsServlet SQL injection attempt
* 1:58028 <-> SERVER-WEBAPP Zoho ManageEngine OpManager OPMDeviceDetailsServlet SQL injection attempt
* 1:58042 <-> SERVER-WEBAPP Serv-U FTP Server stored cross site scripting attempt
* 1:58043 <-> SERVER-WEBAPP Serv-U FTP Server stored cross site scripting attempt
* 1:58052 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58053 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58054 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58055 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58056 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58057 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58058 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58059 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58063 <-> SERVER-WEBAPP Kentico CMS unsafe deserialization remote code execution attempt
* 1:58064 <-> SERVER-WEBAPP Kentico CMS unsafe deserialization remote code execution attempt
* 1:58067 <-> SERVER-WEBAPP Apache Flink FileUploadHandler directory traversal attempt
* 1:58068 <-> SERVER-WEBAPP Apache Flink FileUploadHandler directory traversal attempt
* 1:58069 <-> SERVER-WEBAPP Apache Flink FileUploadHandler directory traversal attempt
* 1:58093 <-> SERVER-WEBAPP Atlassian Confluence OGNL injection remote code execution attempt
* 1:58094 <-> SERVER-WEBAPP Atlassian Confluence OGNL injection remote code execution attempt
* 1:58111 <-> SERVER-WEBAPP Microsoft SharePoint remote code execution attempt
* 1:58112 <-> SERVER-WEBAPP Microsoft SharePoint remote code execution attempt
* 1:58113 <-> SERVER-WEBAPP Microsoft SharePoint machinekey information disclosure attempt
* 1:58169 <-> SERVER-WEBAPP Microsoft Windows Open Management Infrastructure remote code execution attempt
* 1:58170 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt
* 1:58171 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt
* 1:58172 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt
* 1:58173 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt
* 1:58201 <-> SERVER-WEBAPP Zoho ManageEngine ADSelfService Plus RestAPI authentication bypass attempt
* 1:58217 <-> SERVER-WEBAPP VMware vCenter Server remote code execution attempt
* 1:58218 <-> SERVER-WEBAPP VMware vCenter Server file upload attempt
* 1:58219 <-> SERVER-WEBAPP VMware vCenter Server file upload attempt
* 1:58224 <-> SERVER-WEBAPP SonicWall SMA100 SQL injection attempt
* 1:58225 <-> SERVER-WEBAPP SonicWall SMA100 SQL injection attempt
* 1:58226 <-> SERVER-WEBAPP SonicWall SMA100 SQL injection attempt
* 1:58227 <-> SERVER-WEBAPP Dell EMC Virtual Appliance Manager undocumented credential use attempt
* 1:58230 <-> SERVER-WEBAPP QNAP NAS Malware Remover directory traversal attempt
* 1:58231 <-> SERVER-WEBAPP QNAP NAS Malware Remover directory traversal attempt
* 1:58232 <-> SERVER-WEBAPP QNAP NAS Malware Remover directory traversal attempt
* 1:58242 <-> SERVER-WEBAPP Sophos XG Firewall SQL injection attempt
* 1:58245 <-> SERVER-WEBAPP UDP Technology IP Camera command injection attempt
* 1:58246 <-> SERVER-WEBAPP UDP Technology IP Camera command injection attempt
* 1:58247 <-> SERVER-WEBAPP UDP Technology IP Camera command injection attempt
* 1:58248 <-> SERVER-WEBAPP UDP Technology IP Camera command injection attempt
* 1:58249 <-> SERVER-WEBAPP Microsoft Exchange server security feature bypass attempt
* 1:58260 <-> SERVER-WEBAPP AlienVault Unified Security Management SQL injection attempt
* 1:58261 <-> SERVER-WEBAPP AlienVault Unified Security Management SQL injection attempt
* 1:58262 <-> SERVER-WEBAPP AlienVault Unified Security Management SQL injection attempt
* 1:58263 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58264 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58265 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58266 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58267 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58268 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58269 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:58270 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:58271 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:58272 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:58273 <-> SERVER-WEBAPP QNAP HBS 3 authorization bypass attempt
* 1:58274 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center faultDevParasSet expression language injection attempt
* 1:58275 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center faultDevParasSet expression language injection attempt
* 1:58282 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center perfAddFormServer Java expression language injection attempt
* 1:58283 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center perfSelItemServer Java expression language injection attempt
* 1:58284 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center FileUploadServlet Unrestricted arbitrary JSP file upload attempt
* 1:58285 <-> SERVER-WEBAPP Trend Micro Control Manager ProductTree_RightWindow XML external entity injection attempt
* 1:58290 <-> SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt
* 1:58291 <-> SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt
* 1:58292 <-> SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt
* 1:58293 <-> SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt
* 1:58315 <-> SERVER-WEBAPP Microsoft SharePoint Server remote code execution attempt
* 1:58316 <-> SERVER-WEBAPP Microsoft SharePoint Server remote code execution attempt
* 1:58318 <-> SERVER-WEBAPP Microsoft SharePoint Server remote code execution attempt
* 1:58320 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formChangePass username SQL injection attempt
* 1:58321 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formChangePass username SQL injection attempt
* 1:58322 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formChangePass username SQL injection attempt
* 1:58323 <-> SERVER-WEBAPP Advantech WebAccess Node Quality ItemGroupIdAry SQL injection attempt
* 1:58324 <-> SERVER-WEBAPP Advantech WebAccess Node Quality ItemGroupIdAry SQL injection attempt
* 1:58325 <-> SERVER-WEBAPP Advantech WebAccess Node Quality ItemGroupIdAry SQL injection attempt
* 1:58326 <-> SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt
* 1:58327 <-> SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt
* 1:58328 <-> SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt
* 1:58329 <-> SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt
* 1:58330 <-> SERVER-WEBAPP Advantech WebAccess Node controlNode bnid SQL injection attempt
* 1:58331 <-> SERVER-WEBAPP Advantech WebAccess Node controlNode bnid SQL injection attempt
* 1:58332 <-> SERVER-WEBAPP Advantech WebAccess Node controlNode bnid SQL injection attempt
* 1:58333 <-> SERVER-WEBAPP Trend Micro Control Manager DeploymentPlan_Event_Handler XML external entity injection attempt
* 1:58337 <-> SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt
* 1:58338 <-> SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt
* 1:58339 <-> SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt
* 1:58340 <-> SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt
* 1:58341 <-> SERVER-WEBAPP PHPMyAdmin SearchController SQL injection attempt
* 1:58342 <-> SERVER-WEBAPP PHPMyAdmin SearchController SQL injection attempt
* 1:58343 <-> SERVER-WEBAPP PHPMyAdmin SearchController SQL injection attempt
* 1:58352 <-> SERVER-WEBAPP GE MDS PulseNET IntegrationXMLProcessorServlet UpdateProblemTickets XML external entity injection attempt
* 1:58353 <-> SERVER-WEBAPP Advantech WebAccess Node Quality_Reg ItemIdAry SQL injection attempt
* 1:58355 <-> SERVER-WEBAPP GE MDS PulseNET HealthCheck arbitrary Java object deserialization attempt
* 1:58362 <-> SERVER-WEBAPP Advantech WebAccess Node BWSCADASoap ProjectName SQL injection attempt
* 1:58375 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center iccSelectCommand expression language injection attempt
* 1:58376 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center iccSelectCommand expression language injection attempt
* 1:58377 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center eventInfo_content expression language injection attempt
* 1:58378 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center eventInfo_content expression language injection attempt
* 1:58379 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center devSoftSel Java expression language injection attempt
* 1:58380 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center devSoftSel Java expression language injection attempt
* 1:58381 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formConfiguration saveValue SQL injection attempt
* 1:58382 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formConfiguration saveValue SQL injection attempt
* 1:58383 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formConfiguration saveValue SQL injection attempt
* 1:58384 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center operationSelect Java expression language injection attempt
* 1:58385 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center operationSelect Java expression language injection attempt
* 1:58388 <-> SERVER-WEBAPP ARRIS VAP2500 config_wds command injection attempt
* 1:58396 <-> SERVER-WEBAPP Nagios XI PHP file injection attempt
* 1:58397 <-> SERVER-WEBAPP Nagios XI PHP file injection attempt
* 1:58398 <-> SERVER-WEBAPP Nagios XI PHP file injection attempt
* 1:58399 <-> SERVER-WEBAPP Nagios XI directory traversal attempt
* 1:58400 <-> SERVER-WEBAPP Nagios XI directory traversal attempt
* 1:58401 <-> SERVER-WEBAPP Nagios XI directory traversal attempt
* 1:58403 <-> SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt
* 1:58404 <-> SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt
* 1:58405 <-> SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt
* 1:58406 <-> SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt
* 1:58407 <-> SERVER-WEBAPP Nagios XI bulk modification tool SQL injection attempt
* 1:58408 <-> SERVER-WEBAPP Nagios XI bulk modification tool SQL injection attempt
* 1:58409 <-> SERVER-WEBAPP Nagios XI bulk modification tool SQL injection attempt
* 1:58410 <-> SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt
* 1:58411 <-> SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt
* 1:58412 <-> SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt
* 1:58413 <-> SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt
* 1:58418 <-> SERVER-WEBAPP ReadyDesk 9.1 OpenAttach2 directory traversal attempt
* 1:58419 <-> SERVER-WEBAPP ReadyDesk 9.1 OpenAttach2 directory traversal attempt
* 1:58420 <-> SERVER-WEBAPP ReadyDesk 9.1 OpenAttach2 directory traversal attempt
* 1:58421 <-> SERVER-WEBAPP BillQuick Web Suite SQL injection attempt
* 1:58422 <-> SERVER-WEBAPP BillQuick Web Suite SQL injection attempt
* 1:58423 <-> SERVER-WEBAPP BillQuick Web Suite SQL injection attempt
* 1:58424 <-> SERVER-WEBAPP Schneider Electric Umotion Builder Virtual Appliance Css directory traversal attempt
* 1:58425 <-> SERVER-WEBAPP Schneider Electric Umotion Builder Virtual Appliance Css directory traversal attempt
* 1:58426 <-> SERVER-WEBAPP Schneider Electric Umotion Builder Virtual Appliance Css directory traversal attempt
* 1:58427 <-> SERVER-WEBAPP Trend Micro Control Manager widget_old_SP1 dlp_policy directory traversal attempt
* 1:58428 <-> SERVER-WEBAPP Trend Micro Control Manager Widget modDLPViolationCntdrildown.php directory traversal attempt
* 1:58454 <-> SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt
* 1:58455 <-> SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt
* 1:58456 <-> SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt
* 1:58457 <-> SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt
* 1:58464 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance File Deletion directory traversal attempt
* 1:58465 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance File Deletion directory traversal attempt
* 1:58466 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance File Deletion directory traversal attempt
* 1:58467 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance directory traversal attempt
* 1:58468 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance directory traversal attempt
* 1:58469 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance directory traversal attempt
* 1:58470 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector Virtual Appliance policy_setting arbitrary PHP file upload attempt
* 1:58471 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:58472 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:58473 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:58475 <-> SERVER-WEBAPP Oracle WebLogic Server DeploymentService directory traversal attempt
* 1:58476 <-> SERVER-WEBAPP Oracle WebLogic Server DeploymentService directory traversal attempt
* 1:58487 <-> SERVER-WEBAPP WordPress Snap Creek Duplicator and Duplicator Pro plugins directory traversal attempt
* 1:58499 <-> SERVER-WEBAPP Zyxel Unified Security Gateway undocumented administrator account login attempt
* 1:58500 <-> SERVER-WEBAPP Zyxel Unified Security Gateway undocumented administrator account login attempt
* 1:58502 <-> SERVER-WEBAPP SonicWall Email Security directory traversal attempt
* 1:58503 <-> SERVER-WEBAPP SonicWall Email Security directory traversal attempt
* 1:58504 <-> SERVER-WEBAPP SonicWall Email Security directory traversal attempt
* 1:58505 <-> SERVER-WEBAPP Tenda Router command injection attempt
* 1:58506 <-> SERVER-WEBAPP Tenda Router command injection attempt
* 1:58507 <-> SERVER-WEBAPP Tenda Router command injection attempt
* 1:58508 <-> SERVER-WEBAPP Tenda Router command injection attempt
* 1:58509 <-> SERVER-WEBAPP Accellion File Transfer Appliance SQL injection attempt
* 1:58510 <-> SERVER-WEBAPP EyesOfNetwork SQL injection attempt
* 1:58511 <-> SERVER-WEBAPP EyesOfNetwork SQL injection attempt
* 1:58512 <-> SERVER-WEBAPP EyesOfNetwork SQL injection attempt
* 1:58513 <-> SERVER-WEBAPP Advantech WebAccess updateTemplate SQL injection attempt
* 1:58514 <-> SERVER-WEBAPP EyesOfNetwork autodiscovery command injection attempt
* 1:58515 <-> SERVER-WEBAPP EyesOfNetwork autodiscovery command injection attempt
* 1:58517 <-> SERVER-WEBAPP GE MDS PulseNET IntegrationXMLProcessorServlet AlarmActions XML external entity injection attempt
* 1:58521 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center perfInsListServer Java expression language injection attempt
* 1:58522 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php command injection attempt
* 1:58523 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php command injection attempt
* 1:58525 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center directory traversal attempt
* 1:58529 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58530 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58531 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58532 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58533 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58538 <-> SERVER-WEBAPP Arcadyan routers path traversal attempt
* 1:58542 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet EmailMessageDetected SQL injection attempt
* 1:58543 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet EmailMessageDetected SQL injection attempt
* 1:58544 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet EmailMessageDetected SQL injection attempt
* 1:58546 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center TopoBroadcastServlet arbitrary Java object deserialization attempt
* 1:58555 <-> SERVER-WEBAPP Hikvision webLanguage command injection vulnerability
* 1:58562 <-> SERVER-WEBAPP Oracle WebLogic Server remote code execution attempt
* 1:58563 <-> SERVER-WEBAPP GE MDS PulseNET foglight service arbitrary Java object deserialization attempt
* 1:58567 <-> SERVER-WEBAPP Roundcube Webmail file disclosure attempt
* 1:58568 <-> SERVER-WEBAPP Roundcube Webmail file disclosure attempt
* 1:58569 <-> SERVER-WEBAPP Roundcube Webmail file disclosure attempt
* 1:58576 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt
* 1:58577 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt
* 1:58578 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt
* 1:58579 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt
* 1:58588 <-> SERVER-WEBAPP SolarWinds Network Configuration Manager remote file include attempt
* 1:58589 <-> SERVER-WEBAPP SolarWinds Network Configuration Manager remote file include attempt
* 1:58592 <-> SERVER-WEBAPP SaltStack pillar_roots directory traversal attempt
* 1:58593 <-> SERVER-WEBAPP SaltStack pillar_roots directory traversal attempt
* 1:58594 <-> SERVER-WEBAPP SaltStack pillar_roots directory traversal attempt
* 1:58595 <-> SERVER-WEBAPP OpenEMR backup.php command injection attempt
* 1:58596 <-> SERVER-WEBAPP OpenEMR backup.php command injection attempt
* 1:58605 <-> SERVER-WEBAPP Citrix StoreFront Server XML external entity injection attempt
* 1:58606 <-> SERVER-WEBAPP SAP NetWeaver AS JAVA CRM log injection attempt
* 1:58607 <-> SERVER-WEBAPP SAP NetWeaver AS JAVA CRM log injection attempt
* 1:58608 <-> SERVER-WEBAPP SAP NetWeaver AS JAVA CRM log injection attempt
* 1:66336 <-> SERVER-WEBAPP FlowiseAI Flowise arbitrary code execution attempt

3351

2026-04-23 13:35:21 UTC

Snort Subscriber Rules Update

Date: 2026-04-22-001

This is the complete list of rules modified and added in the Cisco Talos Certified rule pack for Snort version 3.3.5.1.

The format of the file is:

gid:sid <-> Message

New Rules:

* 1:66354 <-> SERVER-WEBAPP WordPress SEO Plugin SQL injection attempt
* 1:66355 <-> SERVER-WEBAPP WordPress SEO Plugin SQL injection attempt
* 1:66356 <-> SERVER-WEBAPP WordPress SEO Plugin SQL injection attempt
* 1:66357 <-> SERVER-WEBAPP WordPress My Calendar Plugin SQL injection attempt
* 1:66358 <-> SERVER-WEBAPP WordPress My Calendar Plugin SQL injection attempt
* 1:66359 <-> SERVER-WEBAPP WordPress My Calendar Plugin SQL injection attempt
* 1:66360 <-> SERVER-WEBAPP WordPress WP Statistics Plugin SQL injection attempt
* 1:66361 <-> SERVER-WEBAPP WordPress WP Statistics Plugin SQL injection attempt
* 1:66362 <-> SERVER-WEBAPP WordPress WP Statistics Plugin SQL injection attempt
* 1:66363 <-> SERVER-WEBAPP WordPress Photo Gallery Plugin SQL injection attempt
* 1:66364 <-> SERVER-WEBAPP WordPress Photo Gallery Plugin SQL injection attempt
* 1:66365 <-> SERVER-WEBAPP WordPress Photo Gallery Plugin SQL injection attempt
* 1:66366 <-> SERVER-WEBAPP Arcserve UDP ASNative.dll denial of service attempt
* 1:66367 <-> SERVER-WEBAPP Kentico Xperience webshell upload attempt
* 1:66368 <-> SERVER-WEBAPP SonicWall GMS SQL injection attempt
* 1:66369 <-> SERVER-WEBAPP SonicWall GMS SQL injection attempt
* 1:66370 <-> SERVER-WEBAPP SonicWall GMS SQL injection attempt
* 1:66371 <-> SERVER-WEBAPP Netgear ProSAFE NMS300 SQL injection attempt
* 1:66372 <-> SERVER-WEBAPP Netgear ProSAFE NMS300 SQL injection attempt
* 1:66373 <-> SERVER-WEBAPP Netgear ProSAFE NMS300 SQL injection attempt
* 1:66374 <-> SERVER-WEBAPP Yawave WordPress Plugin SQL injection attempt
* 1:66375 <-> SERVER-WEBAPP Yawave WordPress Plugin SQL injection attempt
* 1:66376 <-> SERVER-WEBAPP Yawave WordPress Plugin SQL injection attempt
* 3:66377 <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2026-2379 attack attempt
* 3:66378 <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2026-2379 attack attempt
* 3:66379 <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2026-2379 attack attempt
* 3:66380 <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2026-2379 attack attempt

Modified Rules:

* 1:53688 <-> SERVER-WEBAPP Adobe Experience Manager server side request forgery attempt
* 1:53733 <-> SERVER-WEBAPP IBM Data Risk Manager directory traversal attempt
* 1:53734 <-> SERVER-WEBAPP IBM Data Risk Manager nmap scan command execution attempt
* 1:53857 <-> SERVER-WEBAPP Grandstream UCM6202 series SQL injection attempt
* 1:53858 <-> SERVER-WEBAPP Grandstream UCM6202 series SQL injection attempt
* 1:53859 <-> SERVER-WEBAPP Grandstream UCM6202 series SQL injection attempt
* 1:53860 <-> SERVER-WEBAPP Centurylink router unauthenticated administrator account disable attempt
* 1:53967 <-> SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt
* 1:53968 <-> SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt
* 1:53969 <-> SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt
* 1:53970 <-> SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt
* 1:54003 <-> SERVER-WEBAPP Axway SecureTransport XML external entity injection attempt
* 1:54012 <-> SERVER-WEBAPP ASUS ASUSWRT appGet.cgi command injection attempt
* 1:54195 <-> SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt
* 1:54196 <-> SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt
* 1:54197 <-> SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt
* 1:54198 <-> SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt
* 1:54272 <-> SERVER-WEBAPP Centreon Monitoring tool command injection attempt
* 1:54273 <-> SERVER-WEBAPP Centreon Monitoring tool command injection attempt
* 1:54405 <-> SERVER-WEBAPP PHP php_strip_tags_ex function out-of-bounds read attempt
* 1:54462 <-> SERVER-WEBAPP F5 BIG-IP Traffic Management User Interface remote code execution attempt
* 1:54484 <-> SERVER-WEBAPP F5 BIG-IP Traffic Management User Interface remote code execution attempt
* 1:54511 <-> SERVER-WEBAPP Microsoft Windows .NET API XML unsafe deserialization attempt
* 1:54556 <-> SERVER-WEBAPP BSA Radar local file inclusion attempt
* 1:54558 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54559 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54565 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54566 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54567 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54569 <-> SERVER-WEBAPP Barangay Management System SQL injection attempt
* 1:54570 <-> SERVER-WEBAPP Barangay Management System SQL injection attempt
* 1:54596 <-> SERVER-WEBAPP WordPress bbPress plugin unauthenticated privilege escalation attempt
* 1:54597 <-> SERVER-WEBAPP WordPress bbPress plugin unauthenticated privilege escalation attempt
* 1:54602 <-> SERVER-WEBAPP Laravel Framework PendingCommand arbitrary command execution attempt
* 1:54603 <-> SERVER-WEBAPP Laravel Framework PendingCommand arbitrary command execution attempt
* 1:54617 <-> SERVER-WEBAPP GeoVision Door Access Control hidden url access attempt
* 1:54629 <-> SERVER-WEBAPP Microsoft Windows .NET API XML unsafe deserialization attempt
* 1:54649 <-> SERVER-WEBAPP Apache Kylin REST API migrate command injection attempt
* 1:54650 <-> SERVER-WEBAPP Apache Kylin REST API migrate command injection attempt
* 1:54670 <-> SERVER-WEBAPP Rockwell FactoryTalk View SE project list disclosure attempt
* 1:54671 <-> SERVER-WEBAPP Rockwell FactoryTalk View SE project information disclosure attempt
* 1:54672 <-> SERVER-WEBAPP Rockwell FactoryTalk View SE remote code execution attempt
* 1:54674 <-> SERVER-WEBAPP Rockwell FactoryTalk View SE remote project copy attempt
* 1:54684 <-> SERVER-WEBAPP Microsoft Windows .NET API XML unsafe deserialization attempt
* 1:54767 <-> SERVER-WEBAPP vBulletin template rendering arbitrary PHP code execution attempt
* 1:54768 <-> SERVER-WEBAPP vBulletin template rendering arbitrary PHP code execution attempt
* 1:54794 <-> SERVER-WEBAPP Zeroshell Linux Router command injection attempt
* 1:54795 <-> SERVER-WEBAPP Zeroshell Linux Router command injection attempt
* 1:54796 <-> SERVER-WEBAPP Zeroshell Linux Router command injection attempt
* 1:54797 <-> SERVER-WEBAPP Zeroshell Linux Router command injection attempt
* 1:54824 <-> SERVER-WEBAPP Intellian Aptus Web arbitrary command execution attempt
* 1:55778 <-> SERVER-WEBAPP Wordpress File Manager plugin elFinder remote code execution attempt
* 1:55797 <-> SERVER-WEBAPP Wordpress plugin WP Database Reset database reset attempt
* 1:55823 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:55824 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:55825 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:55826 <-> SERVER-WEBAPP Microsoft Exchange Server DlpUtils remote code execution attempt
* 1:55827 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet multiple functions SQL injection attempt
* 1:55828 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet multiple functions SQL injection attempt
* 1:55829 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet multiple functions SQL injection attempt
* 1:55834 <-> SERVER-WEBAPP Wordpress Nexos theme cross site scripting attempt
* 1:55835 <-> SERVER-WEBAPP Wordpress Nexos theme cross site scripting attempt
* 1:55836 <-> SERVER-WEBAPP Wordpress Nexos theme SQL injection attempt
* 1:55837 <-> SERVER-WEBAPP Wordpress Nexos theme SQL injection attempt
* 1:55838 <-> SERVER-WEBAPP Wordpress Nexos theme SQL injection attempt
* 1:55839 <-> SERVER-WEBAPP Multiple products DVR admin password leak attempt
* 1:55918 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:55919 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:55920 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:55921 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:55981 <-> SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 command injection attempt
* 1:56005 <-> SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 SQL injection attempt
* 1:56006 <-> SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 SQL injection attempt
* 1:56007 <-> SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 SQL injection attempt
* 1:56082 <-> SERVER-WEBAPP Wordpress WP Database Backup plug-in command injection attempt
* 1:56083 <-> SERVER-WEBAPP Wordpress WP Database Backup plug-in command injection attempt
* 1:56135 <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt
* 1:56136 <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt
* 1:56138 <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt
* 1:56154 <-> SERVER-WEBAPP MobileIron Core & Connector remote code execution attempt
* 1:56155 <-> SERVER-WEBAPP MobileIron Core & Connector remote code execution attempt
* 1:56162 <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt
* 1:56200 <-> SERVER-WEBAPP Oracle WebLogic Server command injection attempt
* 1:56201 <-> SERVER-WEBAPP Oracle WebLogic Server command injection attempt
* 1:56202 <-> SERVER-WEBAPP Oracle WebLogic Server command injection attempt
* 1:56203 <-> SERVER-WEBAPP Oracle WebLogic Server command injection attempt
* 1:56304 <-> SERVER-WEBAPP Microsoft SharePoint remote code execution attempt
* 1:56305 <-> SERVER-WEBAPP Microsoft SharePoint remote code execution attempt
* 1:56404 <-> SERVER-WEBAPP Cisco Security Manager XmpFileUploadServlet arbitrary JSP file upload attempt
* 1:56405 <-> SERVER-WEBAPP Cisco Security Manager XmpFileUploadServlet directory traversal attempt
* 1:56414 <-> SERVER-WEBAPP Cisco Security Manager XmpFileDownloadServlet directory traversal attempt
* 1:56415 <-> SERVER-WEBAPP Cisco Security Manager XmpFileDownloadServlet directory traversal attempt
* 1:56416 <-> SERVER-WEBAPP Cisco Security Manager XmpFileDownloadServlet directory traversal attempt
* 1:56417 <-> SERVER-WEBAPP Cisco Security Manager SampleFileDownloadServlet directory traversal attempt
* 1:56418 <-> SERVER-WEBAPP Cisco Security Manager SampleFileDownloadServlet directory traversal attempt
* 1:56419 <-> SERVER-WEBAPP Cisco Security Manager SampleFileDownloadServlet directory traversal attempt
* 1:56420 <-> SERVER-WEBAPP Cisco Security Manager resultsFrame directory traversal attempt
* 1:56421 <-> SERVER-WEBAPP Cisco Security Manager resultsFrame directory traversal attempt
* 1:56422 <-> SERVER-WEBAPP Cisco Security Manager resultsFrame directory traversal attempt
* 1:56423 <-> SERVER-WEBAPP Cisco Security Manager xdmProxy directory traversal attempt
* 1:56432 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:56433 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:56434 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:56435 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:56497 <-> SERVER-WEBAPP Multiple Products Java Faces ViewState deserialization remote code execution attempt
* 1:56519 <-> SERVER-WEBAPP WordPress plugin Autoptimize arbitrary PHP file upload attempt
* 1:56520 <-> SERVER-WEBAPP QNAP QTS and Photo Station directory traversal attempt
* 1:56521 <-> SERVER-WEBAPP QNAP QTS and Photo Station directory traversal attempt
* 1:56522 <-> SERVER-WEBAPP QNAP QTS and Photo Station directory traversal attempt
* 1:56523 <-> SERVER-WEBAPP Joomla Core Featured Article SQL injection attempt
* 1:56524 <-> SERVER-WEBAPP Joomla Core Featured Article SQL injection attempt
* 1:56525 <-> SERVER-WEBAPP Joomla Core Featured Article SQL injection attempt
* 1:56532 <-> SERVER-WEBAPP Advantech WebAccess NMS directory traversal attempt
* 1:56533 <-> SERVER-WEBAPP Advantech WebAccess NMS directory traversal attempt
* 1:56534 <-> SERVER-WEBAPP Advantech WebAccess NMS directory traversal attempt
* 1:56545 <-> SERVER-WEBAPP rConfig commands.inc.php SQL injection attempt
* 1:56550 <-> SERVER-WEBAPP Ruckus IoT Controller Web UI authentication bypass attempt
* 1:56551 <-> SERVER-WEBAPP  Ruckus IoT Controller Web UI OS username command injection attempt
* 1:56557 <-> SERVER-WEBAPP Microsoft Dynamics365 Finance and Operations remote code execution attempt
* 1:56558 <-> SERVER-WEBAPP Microsoft Dynamics365 Finance and Operations remote code execution attempt
* 1:56586 <-> SERVER-WEBAPP Zoho ManageEngine ServiceDesk Plus arbitrary JSP file upload attempt
* 1:56604 <-> SERVER-WEBAPP Microsoft Dynamics NAV remote code execution attempt
* 1:56624 <-> SERVER-WEBAPP rConfig command injection attempt
* 1:56625 <-> SERVER-WEBAPP rConfig command injection attempt
* 1:56626 <-> SERVER-WEBAPP rConfig command injection attempt
* 1:56627 <-> SERVER-WEBAPP rConfig command injection attempt
* 1:56799 <-> SERVER-WEBAPP Liferay arbitrary Java object deserialization attempt
* 1:56800 <-> SERVER-WEBAPP Liferay arbitrary Java object deserialization attempt
* 1:56823 <-> SERVER-WEBAPP Citrix CakePHP command injection attempt
* 1:56824 <-> SERVER-WEBAPP Citrix CakePHP command injection attempt
* 1:56826 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56827 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56828 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56829 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56830 <-> SERVER-WEBAPP WordPress Adning Advertising plugin arbitrary PHP file upload attempt
* 1:56831 <-> SERVER-WEBAPP WordPress Adning Advertising plugin arbitrary PHP file upload attempt
* 1:56877 <-> SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt
* 1:56878 <-> SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt
* 1:56879 <-> SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt
* 1:56880 <-> SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt
* 1:56916 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56917 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56934 <-> SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt
* 1:56935 <-> SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt
* 1:56936 <-> SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt
* 1:56937 <-> SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt
* 1:56990 <-> SERVER-WEBAPP Apache Unomi OGNL MVEL2 remote command execution attempt
* 1:57002 <-> SERVER-WEBAPP Belkin Wemo UPnP cross site scripting attempt
* 1:57048 <-> SERVER-WEBAPP SaltStack Salt API SSH Client command injection attempt
* 1:57049 <-> SERVER-WEBAPP SaltStack Salt API SSH Client command injection attempt
* 1:57072 <-> SERVER-WEBAPP Cisco RV Series Routers directory traversal attempt
* 1:57074 <-> SERVER-WEBAPP Cisco RV Series Routers directory traversal attempt
* 1:57075 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57076 <-> SERVER-WEBAPP Cisco RV Series Routers command injection attempt
* 1:57078 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57079 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57080 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57081 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57082 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57084 <-> SERVER-WEBAPP Cisco RV series routers command injection attempt
* 1:57085 <-> SERVER-WEBAPP Cisco RV series routers command injection attempt
* 1:57086 <-> SERVER-WEBAPP Cisco RV Series routers command injection attempt
* 1:57088 <-> SERVER-WEBAPP Cisco Small Business RV Series routers command injection attempt
* 1:57089 <-> SERVER-WEBAPP Cisco Small Business RV Series routers command injection attempt
* 1:57095 <-> SERVER-WEBAPP Cisco RV Series routers command injection attempt
* 1:57096 <-> SERVER-WEBAPP Cisco RV Series routers command injection attempt
* 1:57098 <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt
* 1:57099 <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt
* 1:57100 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57101 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57102 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57105 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57109 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57110 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57113 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57114 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57126 <-> SERVER-WEBAPP Monstra CMS cross-site scripting attempt
* 1:57127 <-> SERVER-WEBAPP Monstra CMS cross-site scripting attempt
* 1:57158 <-> SERVER-WEBAPP Oracle WebLogic consolejndi remote code execution attempt
* 1:57159 <-> SERVER-WEBAPP Oracle WebLogic consolejndi remote code execution attempt
* 1:57176 <-> SERVER-WEBAPP MikroTik RouterOS buffer overflow attempt
* 1:57177 <-> SERVER-WEBAPP MikroTik RouterOS buffer overflow attempt
* 1:57178 <-> SERVER-WEBAPP Monstra CMS registration form cross site scripting attempt
* 1:57179 <-> SERVER-WEBAPP Monstra CMS registration form cross site scripting attempt
* 1:57182 <-> SERVER-WEBAPP VMware administrative configurator component command injection attempt
* 1:57183 <-> SERVER-WEBAPP VMware administrative configurator component command injection attempt
* 1:57184 <-> SERVER-WEBAPP VMware administrative configurator component command injection attempt
* 1:57185 <-> SERVER-WEBAPP VMware administrative configurator component command injection attempt
* 1:57188 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center arbitrary Java object deserialization attempt
* 1:57224 <-> SERVER-WEBAPP Trend Micro Control Manager directory traversal attempt
* 1:57225 <-> SERVER-WEBAPP Trend Micro Control Manager directory traversal attempt
* 1:57226 <-> SERVER-WEBAPP Trend Micro Control Manager directory traversal attempt
* 1:57229 <-> SERVER-WEBAPP VMware vSphere Client vROPs plugin remote code execution attempt
* 1:57241 <-> SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt
* 1:57242 <-> SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt
* 1:57243 <-> SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt
* 1:57244 <-> SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt
* 1:57245 <-> SERVER-WEBAPP Microsoft Exchange Server arbitrary file write attempt
* 1:57246 <-> SERVER-WEBAPP Microsoft Exchange Server arbitrary file write attempt
* 1:57275 <-> SERVER-WEBAPP ysoserial TypeConfuseDelegate deserialization exploit attempt
* 1:57276 <-> SERVER-WEBAPP Microsoft SharePoint potential deserialization attempt
* 1:57283 <-> SERVER-WEBAPP Liferay arbitrary Java object deserialization attempt
* 1:57298 <-> SERVER-WEBAPP F5 iControl REST interface command injection attempt
* 1:57324 <-> SERVER-WEBAPP Netis WF2419 router command injection attempt
* 1:57325 <-> SERVER-WEBAPP Netis WF2419 router command injection attempt
* 1:57326 <-> SERVER-WEBAPP Netis WF2419 router command injection attempt
* 1:57327 <-> SERVER-WEBAPP Netis WF2419 router command injection attempt
* 1:57328 <-> SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt
* 1:57329 <-> SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt
* 1:57330 <-> SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt
* 1:57331 <-> SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt
* 1:57332 <-> SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt
* 1:57333 <-> SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt
* 1:57334 <-> SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt
* 1:57335 <-> SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt
* 1:57337 <-> SERVER-WEBAPP F5 iControl REST interface ssrf attempt
* 1:57389 <-> SERVER-WEBAPP Advantech iView DeviceTreeTable directory traversal attempt
* 1:57390 <-> SERVER-WEBAPP Advantech iView DeviceTreeTable directory traversal attempt
* 1:57391 <-> SERVER-WEBAPP Advantech iView DeviceTreeTable directory traversal attempt
* 1:57406 <-> SERVER-WEBAPP Palo Alto Networks management interface command injection attempt
* 1:57407 <-> SERVER-WEBAPP Palo Alto Networks management interface command injection attempt
* 1:57408 <-> SERVER-WEBAPP Palo Alto Networks management interface command injection attempt
* 1:57409 <-> SERVER-WEBAPP Palo Alto Networks management interface command injection attempt
* 1:57412 <-> SERVER-WEBAPP Nagios XI do_update_user SQL injection attempt
* 1:57413 <-> SERVER-WEBAPP Nagios XI do_update_user SQL injection attempt
* 1:57426 <-> SERVER-WEBAPP Zend and laminas-http frameworks streamName PHP object injection attempt
* 1:57434 <-> SERVER-WEBAPP VMware vRealize Operations Manager directory traversal attempt
* 1:57435 <-> SERVER-WEBAPP VMware vRealize Operations Manager SSRF attempt
* 1:57436 <-> SERVER-WEBAPP VMware View Planner logupload directory traversal attempt
* 1:57437 <-> SERVER-WEBAPP VMware View Planner logupload directory traversal attempt
* 1:57438 <-> SERVER-WEBAPP VMware View Planner logupload arbitrary file upload attempt
* 1:57439 <-> SERVER-WEBAPP VMware View Planner logupload arbitrary file upload attempt
* 1:57442 <-> SERVER-WEBAPP Terramaster TOS command injection attempt
* 1:57443 <-> SERVER-WEBAPP Terramaster TOS command injection attempt
* 1:57444 <-> SERVER-WEBAPP Terramaster TOS command injection attempt
* 1:57445 <-> SERVER-WEBAPP Terramaster TOS command injection attempt
* 1:57449 <-> SERVER-WEBAPP F5 TMM crafted IPv6 URI buffer overflow attempt
* 1:57453 <-> SERVER-WEBAPP Pulse Connect Secure remote code execution attempt
* 1:57481 <-> SERVER-WEBAPP ManageEngine OpManager directory traversal attempt
* 1:57482 <-> SERVER-WEBAPP ManageEngine OpManager directory traversal attempt
* 1:57483 <-> SERVER-WEBAPP ManageEngine OpManager directory traversal attempt
* 1:57487 <-> SERVER-WEBAPP Microsoft Exchange MeetingHandler remote code execution attempt
* 1:57490 <-> SERVER-WEBAPP Klog Server authenticate.php user command injection attempt
* 1:57491 <-> SERVER-WEBAPP Klog Server authenticate.php user command injection attempt
* 1:57492 <-> SERVER-WEBAPP Klog Server authenticate.php user command injection attempt
* 1:57493 <-> SERVER-WEBAPP Klog Server authenticate.php user command injection attempt
* 1:57494 <-> SERVER-WEBAPP Micro Focus Operations Bridge Manager remote code execution attempt
* 1:57500 <-> SERVER-WEBAPP HPE Intelligent Management Center IccSelectDevTypeBean Expression Language Injection Java expression language injection attempt
* 1:57511 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57512 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57513 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57514 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57515 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57516 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57517 <-> SERVER-WEBAPP Serendipity index.php SQL injection attempt
* 1:57518 <-> SERVER-WEBAPP Serendipity index.php SQL injection attempt
* 1:57519 <-> SERVER-WEBAPP Serendipity index.php SQL injection attempt
* 1:57548 <-> SERVER-WEBAPP Microsoft SharePoint authenticated remote code execution attempt
* 1:57570 <-> SERVER-WEBAPP WordPRess DZS Video Gallery directory traversal attempt
* 1:57571 <-> SERVER-WEBAPP WordPRess DZS Video Gallery directory traversal attempt
* 1:57572 <-> SERVER-WEBAPP WordPRess DZS Video Gallery directory traversal attempt
* 1:57573 <-> SERVER-WEBAPP WordPress DZS Video Gallery remote file include attempt
* 1:57574 <-> SERVER-WEBAPP WordPress DZS Video Gallery remote file include attempt
* 1:57720 <-> SERVER-WEBAPP VMWare vSphere Client remote code execution attempt
* 1:57761 <-> SERVER-WEBAPP TP-Link WiFi router authenticated PingIframeRpm stack buffer overflow attempt
* 1:57762 <-> SERVER-WEBAPP TP-Link WiFi router authenticated WanStaticIpV6CfgRpm stack buffer overflow attempt
* 1:57809 <-> SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt
* 1:57810 <-> SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt
* 1:57811 <-> SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt
* 1:57812 <-> SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt
* 1:57834 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center remote code execution attempt
* 1:57841 <-> SERVER-WEBAPP Nagios Fusion command injection attempt
* 1:57856 <-> SERVER-WEBAPP Cisco ASA cross site scripting attempt
* 1:57857 <-> SERVER-WEBAPP Cisco ASA cross site scripting attempt
* 1:57860 <-> SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt
* 1:57861 <-> SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt
* 1:57862 <-> SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt
* 1:57863 <-> SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt
* 1:57872 <-> SERVER-WEBAPP Facade Ignition remote code execution attempt
* 1:57902 <-> SERVER-WEBAPP HPE Systems Insight Manager remote code execution attempt
* 1:57906 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:57907 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:57908 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:57909 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:57910 <-> SERVER-WEBAPP Microsoft SharePoint Server authenticated remote code execution attempt
* 1:57911 <-> SERVER-WEBAPP Nagios XI monitoringplugins.php command injection attempt
* 1:57912 <-> SERVER-WEBAPP ForgeRock Open Access Manager remote code execution attempt
* 1:57913 <-> SERVER-WEBAPP ForgeRock Open Access Manager remote code execution attempt
* 1:57954 <-> SERVER-WEBAPP Velocloud VMware SD-WAN Orchestrator SQL injection attempt
* 1:57983 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:58018 <-> SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt
* 1:58019 <-> SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt
* 1:58020 <-> SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt
* 1:58021 <-> SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt
* 1:58026 <-> SERVER-WEBAPP Zoho ManageEngine OpManager OPMDeviceDetailsServlet SQL injection attempt
* 1:58027 <-> SERVER-WEBAPP Zoho ManageEngine OpManager OPMDeviceDetailsServlet SQL injection attempt
* 1:58028 <-> SERVER-WEBAPP Zoho ManageEngine OpManager OPMDeviceDetailsServlet SQL injection attempt
* 1:58042 <-> SERVER-WEBAPP Serv-U FTP Server stored cross site scripting attempt
* 1:58043 <-> SERVER-WEBAPP Serv-U FTP Server stored cross site scripting attempt
* 1:58052 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58053 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58054 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58055 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58056 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58057 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58058 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58059 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58063 <-> SERVER-WEBAPP Kentico CMS unsafe deserialization remote code execution attempt
* 1:58064 <-> SERVER-WEBAPP Kentico CMS unsafe deserialization remote code execution attempt
* 1:58067 <-> SERVER-WEBAPP Apache Flink FileUploadHandler directory traversal attempt
* 1:58068 <-> SERVER-WEBAPP Apache Flink FileUploadHandler directory traversal attempt
* 1:58069 <-> SERVER-WEBAPP Apache Flink FileUploadHandler directory traversal attempt
* 1:58093 <-> SERVER-WEBAPP Atlassian Confluence OGNL injection remote code execution attempt
* 1:58094 <-> SERVER-WEBAPP Atlassian Confluence OGNL injection remote code execution attempt
* 1:58111 <-> SERVER-WEBAPP Microsoft SharePoint remote code execution attempt
* 1:58112 <-> SERVER-WEBAPP Microsoft SharePoint remote code execution attempt
* 1:58113 <-> SERVER-WEBAPP Microsoft SharePoint machinekey information disclosure attempt
* 1:58169 <-> SERVER-WEBAPP Microsoft Windows Open Management Infrastructure remote code execution attempt
* 1:58170 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt
* 1:58171 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt
* 1:58172 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt
* 1:58173 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt
* 1:58201 <-> SERVER-WEBAPP Zoho ManageEngine ADSelfService Plus RestAPI authentication bypass attempt
* 1:58217 <-> SERVER-WEBAPP VMware vCenter Server remote code execution attempt
* 1:58218 <-> SERVER-WEBAPP VMware vCenter Server file upload attempt
* 1:58219 <-> SERVER-WEBAPP VMware vCenter Server file upload attempt
* 1:58224 <-> SERVER-WEBAPP SonicWall SMA100 SQL injection attempt
* 1:58225 <-> SERVER-WEBAPP SonicWall SMA100 SQL injection attempt
* 1:58226 <-> SERVER-WEBAPP SonicWall SMA100 SQL injection attempt
* 1:58227 <-> SERVER-WEBAPP Dell EMC Virtual Appliance Manager undocumented credential use attempt
* 1:58230 <-> SERVER-WEBAPP QNAP NAS Malware Remover directory traversal attempt
* 1:58231 <-> SERVER-WEBAPP QNAP NAS Malware Remover directory traversal attempt
* 1:58232 <-> SERVER-WEBAPP QNAP NAS Malware Remover directory traversal attempt
* 1:58242 <-> SERVER-WEBAPP Sophos XG Firewall SQL injection attempt
* 1:58245 <-> SERVER-WEBAPP UDP Technology IP Camera command injection attempt
* 1:58246 <-> SERVER-WEBAPP UDP Technology IP Camera command injection attempt
* 1:58247 <-> SERVER-WEBAPP UDP Technology IP Camera command injection attempt
* 1:58248 <-> SERVER-WEBAPP UDP Technology IP Camera command injection attempt
* 1:58249 <-> SERVER-WEBAPP Microsoft Exchange server security feature bypass attempt
* 1:58260 <-> SERVER-WEBAPP AlienVault Unified Security Management SQL injection attempt
* 1:58261 <-> SERVER-WEBAPP AlienVault Unified Security Management SQL injection attempt
* 1:58262 <-> SERVER-WEBAPP AlienVault Unified Security Management SQL injection attempt
* 1:58263 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58264 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58265 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58266 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58267 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58268 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58269 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:58270 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:58271 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:58272 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:58273 <-> SERVER-WEBAPP QNAP HBS 3 authorization bypass attempt
* 1:58274 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center faultDevParasSet expression language injection attempt
* 1:58275 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center faultDevParasSet expression language injection attempt
* 1:58282 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center perfAddFormServer Java expression language injection attempt
* 1:58283 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center perfSelItemServer Java expression language injection attempt
* 1:58284 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center FileUploadServlet Unrestricted arbitrary JSP file upload attempt
* 1:58285 <-> SERVER-WEBAPP Trend Micro Control Manager ProductTree_RightWindow XML external entity injection attempt
* 1:58290 <-> SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt
* 1:58291 <-> SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt
* 1:58292 <-> SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt
* 1:58293 <-> SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt
* 1:58315 <-> SERVER-WEBAPP Microsoft SharePoint Server remote code execution attempt
* 1:58316 <-> SERVER-WEBAPP Microsoft SharePoint Server remote code execution attempt
* 1:58318 <-> SERVER-WEBAPP Microsoft SharePoint Server remote code execution attempt
* 1:58320 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formChangePass username SQL injection attempt
* 1:58321 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formChangePass username SQL injection attempt
* 1:58322 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formChangePass username SQL injection attempt
* 1:58323 <-> SERVER-WEBAPP Advantech WebAccess Node Quality ItemGroupIdAry SQL injection attempt
* 1:58324 <-> SERVER-WEBAPP Advantech WebAccess Node Quality ItemGroupIdAry SQL injection attempt
* 1:58325 <-> SERVER-WEBAPP Advantech WebAccess Node Quality ItemGroupIdAry SQL injection attempt
* 1:58326 <-> SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt
* 1:58327 <-> SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt
* 1:58328 <-> SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt
* 1:58329 <-> SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt
* 1:58330 <-> SERVER-WEBAPP Advantech WebAccess Node controlNode bnid SQL injection attempt
* 1:58331 <-> SERVER-WEBAPP Advantech WebAccess Node controlNode bnid SQL injection attempt
* 1:58332 <-> SERVER-WEBAPP Advantech WebAccess Node controlNode bnid SQL injection attempt
* 1:58333 <-> SERVER-WEBAPP Trend Micro Control Manager DeploymentPlan_Event_Handler XML external entity injection attempt
* 1:58337 <-> SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt
* 1:58338 <-> SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt
* 1:58339 <-> SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt
* 1:58340 <-> SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt
* 1:58341 <-> SERVER-WEBAPP PHPMyAdmin SearchController SQL injection attempt
* 1:58342 <-> SERVER-WEBAPP PHPMyAdmin SearchController SQL injection attempt
* 1:58343 <-> SERVER-WEBAPP PHPMyAdmin SearchController SQL injection attempt
* 1:58352 <-> SERVER-WEBAPP GE MDS PulseNET IntegrationXMLProcessorServlet UpdateProblemTickets XML external entity injection attempt
* 1:58353 <-> SERVER-WEBAPP Advantech WebAccess Node Quality_Reg ItemIdAry SQL injection attempt
* 1:58355 <-> SERVER-WEBAPP GE MDS PulseNET HealthCheck arbitrary Java object deserialization attempt
* 1:58362 <-> SERVER-WEBAPP Advantech WebAccess Node BWSCADASoap ProjectName SQL injection attempt
* 1:58375 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center iccSelectCommand expression language injection attempt
* 1:58376 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center iccSelectCommand expression language injection attempt
* 1:58377 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center eventInfo_content expression language injection attempt
* 1:58378 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center eventInfo_content expression language injection attempt
* 1:58379 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center devSoftSel Java expression language injection attempt
* 1:58380 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center devSoftSel Java expression language injection attempt
* 1:58381 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formConfiguration saveValue SQL injection attempt
* 1:58382 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formConfiguration saveValue SQL injection attempt
* 1:58383 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formConfiguration saveValue SQL injection attempt
* 1:58384 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center operationSelect Java expression language injection attempt
* 1:58385 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center operationSelect Java expression language injection attempt
* 1:58388 <-> SERVER-WEBAPP ARRIS VAP2500 config_wds command injection attempt
* 1:58396 <-> SERVER-WEBAPP Nagios XI PHP file injection attempt
* 1:58397 <-> SERVER-WEBAPP Nagios XI PHP file injection attempt
* 1:58398 <-> SERVER-WEBAPP Nagios XI PHP file injection attempt
* 1:58399 <-> SERVER-WEBAPP Nagios XI directory traversal attempt
* 1:58400 <-> SERVER-WEBAPP Nagios XI directory traversal attempt
* 1:58401 <-> SERVER-WEBAPP Nagios XI directory traversal attempt
* 1:58403 <-> SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt
* 1:58404 <-> SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt
* 1:58405 <-> SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt
* 1:58406 <-> SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt
* 1:58407 <-> SERVER-WEBAPP Nagios XI bulk modification tool SQL injection attempt
* 1:58408 <-> SERVER-WEBAPP Nagios XI bulk modification tool SQL injection attempt
* 1:58409 <-> SERVER-WEBAPP Nagios XI bulk modification tool SQL injection attempt
* 1:58410 <-> SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt
* 1:58411 <-> SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt
* 1:58412 <-> SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt
* 1:58413 <-> SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt
* 1:58418 <-> SERVER-WEBAPP ReadyDesk 9.1 OpenAttach2 directory traversal attempt
* 1:58419 <-> SERVER-WEBAPP ReadyDesk 9.1 OpenAttach2 directory traversal attempt
* 1:58420 <-> SERVER-WEBAPP ReadyDesk 9.1 OpenAttach2 directory traversal attempt
* 1:58421 <-> SERVER-WEBAPP BillQuick Web Suite SQL injection attempt
* 1:58422 <-> SERVER-WEBAPP BillQuick Web Suite SQL injection attempt
* 1:58423 <-> SERVER-WEBAPP BillQuick Web Suite SQL injection attempt
* 1:58424 <-> SERVER-WEBAPP Schneider Electric Umotion Builder Virtual Appliance Css directory traversal attempt
* 1:58425 <-> SERVER-WEBAPP Schneider Electric Umotion Builder Virtual Appliance Css directory traversal attempt
* 1:58426 <-> SERVER-WEBAPP Schneider Electric Umotion Builder Virtual Appliance Css directory traversal attempt
* 1:58427 <-> SERVER-WEBAPP Trend Micro Control Manager widget_old_SP1 dlp_policy directory traversal attempt
* 1:58428 <-> SERVER-WEBAPP Trend Micro Control Manager Widget modDLPViolationCntdrildown.php directory traversal attempt
* 1:58454 <-> SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt
* 1:58455 <-> SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt
* 1:58456 <-> SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt
* 1:58457 <-> SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt
* 1:58464 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance File Deletion directory traversal attempt
* 1:58465 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance File Deletion directory traversal attempt
* 1:58466 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance File Deletion directory traversal attempt
* 1:58467 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance directory traversal attempt
* 1:58468 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance directory traversal attempt
* 1:58469 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance directory traversal attempt
* 1:58470 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector Virtual Appliance policy_setting arbitrary PHP file upload attempt
* 1:58471 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:58472 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:58473 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:58475 <-> SERVER-WEBAPP Oracle WebLogic Server DeploymentService directory traversal attempt
* 1:58476 <-> SERVER-WEBAPP Oracle WebLogic Server DeploymentService directory traversal attempt
* 1:58487 <-> SERVER-WEBAPP WordPress Snap Creek Duplicator and Duplicator Pro plugins directory traversal attempt
* 1:58499 <-> SERVER-WEBAPP Zyxel Unified Security Gateway undocumented administrator account login attempt
* 1:58500 <-> SERVER-WEBAPP Zyxel Unified Security Gateway undocumented administrator account login attempt
* 1:58502 <-> SERVER-WEBAPP SonicWall Email Security directory traversal attempt
* 1:58503 <-> SERVER-WEBAPP SonicWall Email Security directory traversal attempt
* 1:58504 <-> SERVER-WEBAPP SonicWall Email Security directory traversal attempt
* 1:58505 <-> SERVER-WEBAPP Tenda Router command injection attempt
* 1:58506 <-> SERVER-WEBAPP Tenda Router command injection attempt
* 1:58507 <-> SERVER-WEBAPP Tenda Router command injection attempt
* 1:58508 <-> SERVER-WEBAPP Tenda Router command injection attempt
* 1:58509 <-> SERVER-WEBAPP Accellion File Transfer Appliance SQL injection attempt
* 1:58510 <-> SERVER-WEBAPP EyesOfNetwork SQL injection attempt
* 1:58511 <-> SERVER-WEBAPP EyesOfNetwork SQL injection attempt
* 1:58512 <-> SERVER-WEBAPP EyesOfNetwork SQL injection attempt
* 1:58513 <-> SERVER-WEBAPP Advantech WebAccess updateTemplate SQL injection attempt
* 1:58514 <-> SERVER-WEBAPP EyesOfNetwork autodiscovery command injection attempt
* 1:58515 <-> SERVER-WEBAPP EyesOfNetwork autodiscovery command injection attempt
* 1:58517 <-> SERVER-WEBAPP GE MDS PulseNET IntegrationXMLProcessorServlet AlarmActions XML external entity injection attempt
* 1:58521 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center perfInsListServer Java expression language injection attempt
* 1:58522 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php command injection attempt
* 1:58523 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php command injection attempt
* 1:58525 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center directory traversal attempt
* 1:58529 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58530 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58531 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58532 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58533 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58538 <-> SERVER-WEBAPP Arcadyan routers path traversal attempt
* 1:58542 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet EmailMessageDetected SQL injection attempt
* 1:58543 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet EmailMessageDetected SQL injection attempt
* 1:58544 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet EmailMessageDetected SQL injection attempt
* 1:58546 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center TopoBroadcastServlet arbitrary Java object deserialization attempt
* 1:58555 <-> SERVER-WEBAPP Hikvision webLanguage command injection vulnerability
* 1:58562 <-> SERVER-WEBAPP Oracle WebLogic Server remote code execution attempt
* 1:58563 <-> SERVER-WEBAPP GE MDS PulseNET foglight service arbitrary Java object deserialization attempt
* 1:58567 <-> SERVER-WEBAPP Roundcube Webmail file disclosure attempt
* 1:58568 <-> SERVER-WEBAPP Roundcube Webmail file disclosure attempt
* 1:58569 <-> SERVER-WEBAPP Roundcube Webmail file disclosure attempt
* 1:58576 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt
* 1:58577 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt
* 1:58578 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt
* 1:58579 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt
* 1:58588 <-> SERVER-WEBAPP SolarWinds Network Configuration Manager remote file include attempt
* 1:58589 <-> SERVER-WEBAPP SolarWinds Network Configuration Manager remote file include attempt
* 1:58592 <-> SERVER-WEBAPP SaltStack pillar_roots directory traversal attempt
* 1:58593 <-> SERVER-WEBAPP SaltStack pillar_roots directory traversal attempt
* 1:58594 <-> SERVER-WEBAPP SaltStack pillar_roots directory traversal attempt
* 1:58595 <-> SERVER-WEBAPP OpenEMR backup.php command injection attempt
* 1:58596 <-> SERVER-WEBAPP OpenEMR backup.php command injection attempt
* 1:58605 <-> SERVER-WEBAPP Citrix StoreFront Server XML external entity injection attempt
* 1:58606 <-> SERVER-WEBAPP SAP NetWeaver AS JAVA CRM log injection attempt
* 1:58607 <-> SERVER-WEBAPP SAP NetWeaver AS JAVA CRM log injection attempt
* 1:58608 <-> SERVER-WEBAPP SAP NetWeaver AS JAVA CRM log injection attempt
* 1:66336 <-> SERVER-WEBAPP FlowiseAI Flowise arbitrary code execution attempt

3360

2026-04-23 13:35:21 UTC

Snort Subscriber Rules Update

Date: 2026-04-22-001

This is the complete list of rules modified and added in the Cisco Talos Certified rule pack for Snort version 3.3.6.0.

The format of the file is:

gid:sid <-> Message

New Rules:

* 1:66354 <-> SERVER-WEBAPP WordPress SEO Plugin SQL injection attempt
* 1:66355 <-> SERVER-WEBAPP WordPress SEO Plugin SQL injection attempt
* 1:66356 <-> SERVER-WEBAPP WordPress SEO Plugin SQL injection attempt
* 1:66357 <-> SERVER-WEBAPP WordPress My Calendar Plugin SQL injection attempt
* 1:66358 <-> SERVER-WEBAPP WordPress My Calendar Plugin SQL injection attempt
* 1:66359 <-> SERVER-WEBAPP WordPress My Calendar Plugin SQL injection attempt
* 1:66360 <-> SERVER-WEBAPP WordPress WP Statistics Plugin SQL injection attempt
* 1:66361 <-> SERVER-WEBAPP WordPress WP Statistics Plugin SQL injection attempt
* 1:66362 <-> SERVER-WEBAPP WordPress WP Statistics Plugin SQL injection attempt
* 1:66363 <-> SERVER-WEBAPP WordPress Photo Gallery Plugin SQL injection attempt
* 1:66364 <-> SERVER-WEBAPP WordPress Photo Gallery Plugin SQL injection attempt
* 1:66365 <-> SERVER-WEBAPP WordPress Photo Gallery Plugin SQL injection attempt
* 1:66366 <-> SERVER-WEBAPP Arcserve UDP ASNative.dll denial of service attempt
* 1:66367 <-> SERVER-WEBAPP Kentico Xperience webshell upload attempt
* 1:66368 <-> SERVER-WEBAPP SonicWall GMS SQL injection attempt
* 1:66369 <-> SERVER-WEBAPP SonicWall GMS SQL injection attempt
* 1:66370 <-> SERVER-WEBAPP SonicWall GMS SQL injection attempt
* 1:66371 <-> SERVER-WEBAPP Netgear ProSAFE NMS300 SQL injection attempt
* 1:66372 <-> SERVER-WEBAPP Netgear ProSAFE NMS300 SQL injection attempt
* 1:66373 <-> SERVER-WEBAPP Netgear ProSAFE NMS300 SQL injection attempt
* 1:66374 <-> SERVER-WEBAPP Yawave WordPress Plugin SQL injection attempt
* 1:66375 <-> SERVER-WEBAPP Yawave WordPress Plugin SQL injection attempt
* 1:66376 <-> SERVER-WEBAPP Yawave WordPress Plugin SQL injection attempt
* 3:66377 <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2026-2379 attack attempt
* 3:66378 <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2026-2379 attack attempt
* 3:66379 <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2026-2379 attack attempt
* 3:66380 <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2026-2379 attack attempt

Modified Rules:

* 1:53688 <-> SERVER-WEBAPP Adobe Experience Manager server side request forgery attempt
* 1:53733 <-> SERVER-WEBAPP IBM Data Risk Manager directory traversal attempt
* 1:53734 <-> SERVER-WEBAPP IBM Data Risk Manager nmap scan command execution attempt
* 1:53857 <-> SERVER-WEBAPP Grandstream UCM6202 series SQL injection attempt
* 1:53858 <-> SERVER-WEBAPP Grandstream UCM6202 series SQL injection attempt
* 1:53859 <-> SERVER-WEBAPP Grandstream UCM6202 series SQL injection attempt
* 1:53860 <-> SERVER-WEBAPP Centurylink router unauthenticated administrator account disable attempt
* 1:53967 <-> SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt
* 1:53968 <-> SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt
* 1:53969 <-> SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt
* 1:53970 <-> SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt
* 1:54003 <-> SERVER-WEBAPP Axway SecureTransport XML external entity injection attempt
* 1:54012 <-> SERVER-WEBAPP ASUS ASUSWRT appGet.cgi command injection attempt
* 1:54195 <-> SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt
* 1:54196 <-> SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt
* 1:54197 <-> SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt
* 1:54198 <-> SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt
* 1:54272 <-> SERVER-WEBAPP Centreon Monitoring tool command injection attempt
* 1:54273 <-> SERVER-WEBAPP Centreon Monitoring tool command injection attempt
* 1:54405 <-> SERVER-WEBAPP PHP php_strip_tags_ex function out-of-bounds read attempt
* 1:54462 <-> SERVER-WEBAPP F5 BIG-IP Traffic Management User Interface remote code execution attempt
* 1:54484 <-> SERVER-WEBAPP F5 BIG-IP Traffic Management User Interface remote code execution attempt
* 1:54511 <-> SERVER-WEBAPP Microsoft Windows .NET API XML unsafe deserialization attempt
* 1:54556 <-> SERVER-WEBAPP BSA Radar local file inclusion attempt
* 1:54558 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54559 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54565 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54566 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54567 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54569 <-> SERVER-WEBAPP Barangay Management System SQL injection attempt
* 1:54570 <-> SERVER-WEBAPP Barangay Management System SQL injection attempt
* 1:54596 <-> SERVER-WEBAPP WordPress bbPress plugin unauthenticated privilege escalation attempt
* 1:54597 <-> SERVER-WEBAPP WordPress bbPress plugin unauthenticated privilege escalation attempt
* 1:54602 <-> SERVER-WEBAPP Laravel Framework PendingCommand arbitrary command execution attempt
* 1:54603 <-> SERVER-WEBAPP Laravel Framework PendingCommand arbitrary command execution attempt
* 1:54617 <-> SERVER-WEBAPP GeoVision Door Access Control hidden url access attempt
* 1:54629 <-> SERVER-WEBAPP Microsoft Windows .NET API XML unsafe deserialization attempt
* 1:54649 <-> SERVER-WEBAPP Apache Kylin REST API migrate command injection attempt
* 1:54650 <-> SERVER-WEBAPP Apache Kylin REST API migrate command injection attempt
* 1:54670 <-> SERVER-WEBAPP Rockwell FactoryTalk View SE project list disclosure attempt
* 1:54671 <-> SERVER-WEBAPP Rockwell FactoryTalk View SE project information disclosure attempt
* 1:54672 <-> SERVER-WEBAPP Rockwell FactoryTalk View SE remote code execution attempt
* 1:54674 <-> SERVER-WEBAPP Rockwell FactoryTalk View SE remote project copy attempt
* 1:54684 <-> SERVER-WEBAPP Microsoft Windows .NET API XML unsafe deserialization attempt
* 1:54767 <-> SERVER-WEBAPP vBulletin template rendering arbitrary PHP code execution attempt
* 1:54768 <-> SERVER-WEBAPP vBulletin template rendering arbitrary PHP code execution attempt
* 1:54794 <-> SERVER-WEBAPP Zeroshell Linux Router command injection attempt
* 1:54795 <-> SERVER-WEBAPP Zeroshell Linux Router command injection attempt
* 1:54796 <-> SERVER-WEBAPP Zeroshell Linux Router command injection attempt
* 1:54797 <-> SERVER-WEBAPP Zeroshell Linux Router command injection attempt
* 1:54824 <-> SERVER-WEBAPP Intellian Aptus Web arbitrary command execution attempt
* 1:55778 <-> SERVER-WEBAPP Wordpress File Manager plugin elFinder remote code execution attempt
* 1:55797 <-> SERVER-WEBAPP Wordpress plugin WP Database Reset database reset attempt
* 1:55823 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:55824 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:55825 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:55826 <-> SERVER-WEBAPP Microsoft Exchange Server DlpUtils remote code execution attempt
* 1:55827 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet multiple functions SQL injection attempt
* 1:55828 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet multiple functions SQL injection attempt
* 1:55829 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet multiple functions SQL injection attempt
* 1:55834 <-> SERVER-WEBAPP Wordpress Nexos theme cross site scripting attempt
* 1:55835 <-> SERVER-WEBAPP Wordpress Nexos theme cross site scripting attempt
* 1:55836 <-> SERVER-WEBAPP Wordpress Nexos theme SQL injection attempt
* 1:55837 <-> SERVER-WEBAPP Wordpress Nexos theme SQL injection attempt
* 1:55838 <-> SERVER-WEBAPP Wordpress Nexos theme SQL injection attempt
* 1:55839 <-> SERVER-WEBAPP Multiple products DVR admin password leak attempt
* 1:55918 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:55919 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:55920 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:55921 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:55981 <-> SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 command injection attempt
* 1:56005 <-> SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 SQL injection attempt
* 1:56006 <-> SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 SQL injection attempt
* 1:56007 <-> SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 SQL injection attempt
* 1:56082 <-> SERVER-WEBAPP Wordpress WP Database Backup plug-in command injection attempt
* 1:56083 <-> SERVER-WEBAPP Wordpress WP Database Backup plug-in command injection attempt
* 1:56135 <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt
* 1:56136 <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt
* 1:56138 <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt
* 1:56154 <-> SERVER-WEBAPP MobileIron Core & Connector remote code execution attempt
* 1:56155 <-> SERVER-WEBAPP MobileIron Core & Connector remote code execution attempt
* 1:56162 <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt
* 1:56200 <-> SERVER-WEBAPP Oracle WebLogic Server command injection attempt
* 1:56201 <-> SERVER-WEBAPP Oracle WebLogic Server command injection attempt
* 1:56202 <-> SERVER-WEBAPP Oracle WebLogic Server command injection attempt
* 1:56203 <-> SERVER-WEBAPP Oracle WebLogic Server command injection attempt
* 1:56304 <-> SERVER-WEBAPP Microsoft SharePoint remote code execution attempt
* 1:56305 <-> SERVER-WEBAPP Microsoft SharePoint remote code execution attempt
* 1:56404 <-> SERVER-WEBAPP Cisco Security Manager XmpFileUploadServlet arbitrary JSP file upload attempt
* 1:56405 <-> SERVER-WEBAPP Cisco Security Manager XmpFileUploadServlet directory traversal attempt
* 1:56414 <-> SERVER-WEBAPP Cisco Security Manager XmpFileDownloadServlet directory traversal attempt
* 1:56415 <-> SERVER-WEBAPP Cisco Security Manager XmpFileDownloadServlet directory traversal attempt
* 1:56416 <-> SERVER-WEBAPP Cisco Security Manager XmpFileDownloadServlet directory traversal attempt
* 1:56417 <-> SERVER-WEBAPP Cisco Security Manager SampleFileDownloadServlet directory traversal attempt
* 1:56418 <-> SERVER-WEBAPP Cisco Security Manager SampleFileDownloadServlet directory traversal attempt
* 1:56419 <-> SERVER-WEBAPP Cisco Security Manager SampleFileDownloadServlet directory traversal attempt
* 1:56420 <-> SERVER-WEBAPP Cisco Security Manager resultsFrame directory traversal attempt
* 1:56421 <-> SERVER-WEBAPP Cisco Security Manager resultsFrame directory traversal attempt
* 1:56422 <-> SERVER-WEBAPP Cisco Security Manager resultsFrame directory traversal attempt
* 1:56423 <-> SERVER-WEBAPP Cisco Security Manager xdmProxy directory traversal attempt
* 1:56432 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:56433 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:56434 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:56435 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:56497 <-> SERVER-WEBAPP Multiple Products Java Faces ViewState deserialization remote code execution attempt
* 1:56519 <-> SERVER-WEBAPP WordPress plugin Autoptimize arbitrary PHP file upload attempt
* 1:56520 <-> SERVER-WEBAPP QNAP QTS and Photo Station directory traversal attempt
* 1:56521 <-> SERVER-WEBAPP QNAP QTS and Photo Station directory traversal attempt
* 1:56522 <-> SERVER-WEBAPP QNAP QTS and Photo Station directory traversal attempt
* 1:56523 <-> SERVER-WEBAPP Joomla Core Featured Article SQL injection attempt
* 1:56524 <-> SERVER-WEBAPP Joomla Core Featured Article SQL injection attempt
* 1:56525 <-> SERVER-WEBAPP Joomla Core Featured Article SQL injection attempt
* 1:56532 <-> SERVER-WEBAPP Advantech WebAccess NMS directory traversal attempt
* 1:56533 <-> SERVER-WEBAPP Advantech WebAccess NMS directory traversal attempt
* 1:56534 <-> SERVER-WEBAPP Advantech WebAccess NMS directory traversal attempt
* 1:56545 <-> SERVER-WEBAPP rConfig commands.inc.php SQL injection attempt
* 1:56550 <-> SERVER-WEBAPP Ruckus IoT Controller Web UI authentication bypass attempt
* 1:56551 <-> SERVER-WEBAPP  Ruckus IoT Controller Web UI OS username command injection attempt
* 1:56557 <-> SERVER-WEBAPP Microsoft Dynamics365 Finance and Operations remote code execution attempt
* 1:56558 <-> SERVER-WEBAPP Microsoft Dynamics365 Finance and Operations remote code execution attempt
* 1:56586 <-> SERVER-WEBAPP Zoho ManageEngine ServiceDesk Plus arbitrary JSP file upload attempt
* 1:56604 <-> SERVER-WEBAPP Microsoft Dynamics NAV remote code execution attempt
* 1:56624 <-> SERVER-WEBAPP rConfig command injection attempt
* 1:56625 <-> SERVER-WEBAPP rConfig command injection attempt
* 1:56626 <-> SERVER-WEBAPP rConfig command injection attempt
* 1:56627 <-> SERVER-WEBAPP rConfig command injection attempt
* 1:56799 <-> SERVER-WEBAPP Liferay arbitrary Java object deserialization attempt
* 1:56800 <-> SERVER-WEBAPP Liferay arbitrary Java object deserialization attempt
* 1:56823 <-> SERVER-WEBAPP Citrix CakePHP command injection attempt
* 1:56824 <-> SERVER-WEBAPP Citrix CakePHP command injection attempt
* 1:56826 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56827 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56828 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56829 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56830 <-> SERVER-WEBAPP WordPress Adning Advertising plugin arbitrary PHP file upload attempt
* 1:56831 <-> SERVER-WEBAPP WordPress Adning Advertising plugin arbitrary PHP file upload attempt
* 1:56877 <-> SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt
* 1:56878 <-> SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt
* 1:56879 <-> SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt
* 1:56880 <-> SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt
* 1:56916 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56917 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56934 <-> SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt
* 1:56935 <-> SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt
* 1:56936 <-> SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt
* 1:56937 <-> SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt
* 1:56990 <-> SERVER-WEBAPP Apache Unomi OGNL MVEL2 remote command execution attempt
* 1:57002 <-> SERVER-WEBAPP Belkin Wemo UPnP cross site scripting attempt
* 1:57048 <-> SERVER-WEBAPP SaltStack Salt API SSH Client command injection attempt
* 1:57049 <-> SERVER-WEBAPP SaltStack Salt API SSH Client command injection attempt
* 1:57072 <-> SERVER-WEBAPP Cisco RV Series Routers directory traversal attempt
* 1:57074 <-> SERVER-WEBAPP Cisco RV Series Routers directory traversal attempt
* 1:57075 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57076 <-> SERVER-WEBAPP Cisco RV Series Routers command injection attempt
* 1:57078 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57079 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57080 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57081 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57082 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57084 <-> SERVER-WEBAPP Cisco RV series routers command injection attempt
* 1:57085 <-> SERVER-WEBAPP Cisco RV series routers command injection attempt
* 1:57086 <-> SERVER-WEBAPP Cisco RV Series routers command injection attempt
* 1:57088 <-> SERVER-WEBAPP Cisco Small Business RV Series routers command injection attempt
* 1:57089 <-> SERVER-WEBAPP Cisco Small Business RV Series routers command injection attempt
* 1:57095 <-> SERVER-WEBAPP Cisco RV Series routers command injection attempt
* 1:57096 <-> SERVER-WEBAPP Cisco RV Series routers command injection attempt
* 1:57098 <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt
* 1:57099 <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt
* 1:57100 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57101 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57102 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57105 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57109 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57110 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57113 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57114 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57126 <-> SERVER-WEBAPP Monstra CMS cross-site scripting attempt
* 1:57127 <-> SERVER-WEBAPP Monstra CMS cross-site scripting attempt
* 1:57158 <-> SERVER-WEBAPP Oracle WebLogic consolejndi remote code execution attempt
* 1:57159 <-> SERVER-WEBAPP Oracle WebLogic consolejndi remote code execution attempt
* 1:57176 <-> SERVER-WEBAPP MikroTik RouterOS buffer overflow attempt
* 1:57177 <-> SERVER-WEBAPP MikroTik RouterOS buffer overflow attempt
* 1:57178 <-> SERVER-WEBAPP Monstra CMS registration form cross site scripting attempt
* 1:57179 <-> SERVER-WEBAPP Monstra CMS registration form cross site scripting attempt
* 1:57182 <-> SERVER-WEBAPP VMware administrative configurator component command injection attempt
* 1:57183 <-> SERVER-WEBAPP VMware administrative configurator component command injection attempt
* 1:57184 <-> SERVER-WEBAPP VMware administrative configurator component command injection attempt
* 1:57185 <-> SERVER-WEBAPP VMware administrative configurator component command injection attempt
* 1:57188 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center arbitrary Java object deserialization attempt
* 1:57224 <-> SERVER-WEBAPP Trend Micro Control Manager directory traversal attempt
* 1:57225 <-> SERVER-WEBAPP Trend Micro Control Manager directory traversal attempt
* 1:57226 <-> SERVER-WEBAPP Trend Micro Control Manager directory traversal attempt
* 1:57229 <-> SERVER-WEBAPP VMware vSphere Client vROPs plugin remote code execution attempt
* 1:57241 <-> SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt
* 1:57242 <-> SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt
* 1:57243 <-> SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt
* 1:57244 <-> SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt
* 1:57245 <-> SERVER-WEBAPP Microsoft Exchange Server arbitrary file write attempt
* 1:57246 <-> SERVER-WEBAPP Microsoft Exchange Server arbitrary file write attempt
* 1:57275 <-> SERVER-WEBAPP ysoserial TypeConfuseDelegate deserialization exploit attempt
* 1:57276 <-> SERVER-WEBAPP Microsoft SharePoint potential deserialization attempt
* 1:57283 <-> SERVER-WEBAPP Liferay arbitrary Java object deserialization attempt
* 1:57298 <-> SERVER-WEBAPP F5 iControl REST interface command injection attempt
* 1:57324 <-> SERVER-WEBAPP Netis WF2419 router command injection attempt
* 1:57325 <-> SERVER-WEBAPP Netis WF2419 router command injection attempt
* 1:57326 <-> SERVER-WEBAPP Netis WF2419 router command injection attempt
* 1:57327 <-> SERVER-WEBAPP Netis WF2419 router command injection attempt
* 1:57328 <-> SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt
* 1:57329 <-> SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt
* 1:57330 <-> SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt
* 1:57331 <-> SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt
* 1:57332 <-> SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt
* 1:57333 <-> SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt
* 1:57334 <-> SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt
* 1:57335 <-> SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt
* 1:57337 <-> SERVER-WEBAPP F5 iControl REST interface ssrf attempt
* 1:57389 <-> SERVER-WEBAPP Advantech iView DeviceTreeTable directory traversal attempt
* 1:57390 <-> SERVER-WEBAPP Advantech iView DeviceTreeTable directory traversal attempt
* 1:57391 <-> SERVER-WEBAPP Advantech iView DeviceTreeTable directory traversal attempt
* 1:57406 <-> SERVER-WEBAPP Palo Alto Networks management interface command injection attempt
* 1:57407 <-> SERVER-WEBAPP Palo Alto Networks management interface command injection attempt
* 1:57408 <-> SERVER-WEBAPP Palo Alto Networks management interface command injection attempt
* 1:57409 <-> SERVER-WEBAPP Palo Alto Networks management interface command injection attempt
* 1:57412 <-> SERVER-WEBAPP Nagios XI do_update_user SQL injection attempt
* 1:57413 <-> SERVER-WEBAPP Nagios XI do_update_user SQL injection attempt
* 1:57426 <-> SERVER-WEBAPP Zend and laminas-http frameworks streamName PHP object injection attempt
* 1:57434 <-> SERVER-WEBAPP VMware vRealize Operations Manager directory traversal attempt
* 1:57435 <-> SERVER-WEBAPP VMware vRealize Operations Manager SSRF attempt
* 1:57436 <-> SERVER-WEBAPP VMware View Planner logupload directory traversal attempt
* 1:57437 <-> SERVER-WEBAPP VMware View Planner logupload directory traversal attempt
* 1:57438 <-> SERVER-WEBAPP VMware View Planner logupload arbitrary file upload attempt
* 1:57439 <-> SERVER-WEBAPP VMware View Planner logupload arbitrary file upload attempt
* 1:57442 <-> SERVER-WEBAPP Terramaster TOS command injection attempt
* 1:57443 <-> SERVER-WEBAPP Terramaster TOS command injection attempt
* 1:57444 <-> SERVER-WEBAPP Terramaster TOS command injection attempt
* 1:57445 <-> SERVER-WEBAPP Terramaster TOS command injection attempt
* 1:57449 <-> SERVER-WEBAPP F5 TMM crafted IPv6 URI buffer overflow attempt
* 1:57453 <-> SERVER-WEBAPP Pulse Connect Secure remote code execution attempt
* 1:57481 <-> SERVER-WEBAPP ManageEngine OpManager directory traversal attempt
* 1:57482 <-> SERVER-WEBAPP ManageEngine OpManager directory traversal attempt
* 1:57483 <-> SERVER-WEBAPP ManageEngine OpManager directory traversal attempt
* 1:57487 <-> SERVER-WEBAPP Microsoft Exchange MeetingHandler remote code execution attempt
* 1:57490 <-> SERVER-WEBAPP Klog Server authenticate.php user command injection attempt
* 1:57491 <-> SERVER-WEBAPP Klog Server authenticate.php user command injection attempt
* 1:57492 <-> SERVER-WEBAPP Klog Server authenticate.php user command injection attempt
* 1:57493 <-> SERVER-WEBAPP Klog Server authenticate.php user command injection attempt
* 1:57494 <-> SERVER-WEBAPP Micro Focus Operations Bridge Manager remote code execution attempt
* 1:57500 <-> SERVER-WEBAPP HPE Intelligent Management Center IccSelectDevTypeBean Expression Language Injection Java expression language injection attempt
* 1:57511 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57512 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57513 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57514 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57515 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57516 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57517 <-> SERVER-WEBAPP Serendipity index.php SQL injection attempt
* 1:57518 <-> SERVER-WEBAPP Serendipity index.php SQL injection attempt
* 1:57519 <-> SERVER-WEBAPP Serendipity index.php SQL injection attempt
* 1:57548 <-> SERVER-WEBAPP Microsoft SharePoint authenticated remote code execution attempt
* 1:57570 <-> SERVER-WEBAPP WordPRess DZS Video Gallery directory traversal attempt
* 1:57571 <-> SERVER-WEBAPP WordPRess DZS Video Gallery directory traversal attempt
* 1:57572 <-> SERVER-WEBAPP WordPRess DZS Video Gallery directory traversal attempt
* 1:57573 <-> SERVER-WEBAPP WordPress DZS Video Gallery remote file include attempt
* 1:57574 <-> SERVER-WEBAPP WordPress DZS Video Gallery remote file include attempt
* 1:57720 <-> SERVER-WEBAPP VMWare vSphere Client remote code execution attempt
* 1:57761 <-> SERVER-WEBAPP TP-Link WiFi router authenticated PingIframeRpm stack buffer overflow attempt
* 1:57762 <-> SERVER-WEBAPP TP-Link WiFi router authenticated WanStaticIpV6CfgRpm stack buffer overflow attempt
* 1:57809 <-> SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt
* 1:57810 <-> SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt
* 1:57811 <-> SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt
* 1:57812 <-> SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt
* 1:57834 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center remote code execution attempt
* 1:57841 <-> SERVER-WEBAPP Nagios Fusion command injection attempt
* 1:57856 <-> SERVER-WEBAPP Cisco ASA cross site scripting attempt
* 1:57857 <-> SERVER-WEBAPP Cisco ASA cross site scripting attempt
* 1:57860 <-> SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt
* 1:57861 <-> SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt
* 1:57862 <-> SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt
* 1:57863 <-> SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt
* 1:57872 <-> SERVER-WEBAPP Facade Ignition remote code execution attempt
* 1:57902 <-> SERVER-WEBAPP HPE Systems Insight Manager remote code execution attempt
* 1:57906 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:57907 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:57908 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:57909 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:57910 <-> SERVER-WEBAPP Microsoft SharePoint Server authenticated remote code execution attempt
* 1:57911 <-> SERVER-WEBAPP Nagios XI monitoringplugins.php command injection attempt
* 1:57912 <-> SERVER-WEBAPP ForgeRock Open Access Manager remote code execution attempt
* 1:57913 <-> SERVER-WEBAPP ForgeRock Open Access Manager remote code execution attempt
* 1:57954 <-> SERVER-WEBAPP Velocloud VMware SD-WAN Orchestrator SQL injection attempt
* 1:57983 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:58018 <-> SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt
* 1:58019 <-> SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt
* 1:58020 <-> SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt
* 1:58021 <-> SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt
* 1:58026 <-> SERVER-WEBAPP Zoho ManageEngine OpManager OPMDeviceDetailsServlet SQL injection attempt
* 1:58027 <-> SERVER-WEBAPP Zoho ManageEngine OpManager OPMDeviceDetailsServlet SQL injection attempt
* 1:58028 <-> SERVER-WEBAPP Zoho ManageEngine OpManager OPMDeviceDetailsServlet SQL injection attempt
* 1:58042 <-> SERVER-WEBAPP Serv-U FTP Server stored cross site scripting attempt
* 1:58043 <-> SERVER-WEBAPP Serv-U FTP Server stored cross site scripting attempt
* 1:58052 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58053 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58054 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58055 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58056 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58057 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58058 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58059 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58063 <-> SERVER-WEBAPP Kentico CMS unsafe deserialization remote code execution attempt
* 1:58064 <-> SERVER-WEBAPP Kentico CMS unsafe deserialization remote code execution attempt
* 1:58067 <-> SERVER-WEBAPP Apache Flink FileUploadHandler directory traversal attempt
* 1:58068 <-> SERVER-WEBAPP Apache Flink FileUploadHandler directory traversal attempt
* 1:58069 <-> SERVER-WEBAPP Apache Flink FileUploadHandler directory traversal attempt
* 1:58093 <-> SERVER-WEBAPP Atlassian Confluence OGNL injection remote code execution attempt
* 1:58094 <-> SERVER-WEBAPP Atlassian Confluence OGNL injection remote code execution attempt
* 1:58111 <-> SERVER-WEBAPP Microsoft SharePoint remote code execution attempt
* 1:58112 <-> SERVER-WEBAPP Microsoft SharePoint remote code execution attempt
* 1:58113 <-> SERVER-WEBAPP Microsoft SharePoint machinekey information disclosure attempt
* 1:58169 <-> SERVER-WEBAPP Microsoft Windows Open Management Infrastructure remote code execution attempt
* 1:58170 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt
* 1:58171 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt
* 1:58172 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt
* 1:58173 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt
* 1:58201 <-> SERVER-WEBAPP Zoho ManageEngine ADSelfService Plus RestAPI authentication bypass attempt
* 1:58217 <-> SERVER-WEBAPP VMware vCenter Server remote code execution attempt
* 1:58218 <-> SERVER-WEBAPP VMware vCenter Server file upload attempt
* 1:58219 <-> SERVER-WEBAPP VMware vCenter Server file upload attempt
* 1:58224 <-> SERVER-WEBAPP SonicWall SMA100 SQL injection attempt
* 1:58225 <-> SERVER-WEBAPP SonicWall SMA100 SQL injection attempt
* 1:58226 <-> SERVER-WEBAPP SonicWall SMA100 SQL injection attempt
* 1:58227 <-> SERVER-WEBAPP Dell EMC Virtual Appliance Manager undocumented credential use attempt
* 1:58230 <-> SERVER-WEBAPP QNAP NAS Malware Remover directory traversal attempt
* 1:58231 <-> SERVER-WEBAPP QNAP NAS Malware Remover directory traversal attempt
* 1:58232 <-> SERVER-WEBAPP QNAP NAS Malware Remover directory traversal attempt
* 1:58242 <-> SERVER-WEBAPP Sophos XG Firewall SQL injection attempt
* 1:58245 <-> SERVER-WEBAPP UDP Technology IP Camera command injection attempt
* 1:58246 <-> SERVER-WEBAPP UDP Technology IP Camera command injection attempt
* 1:58247 <-> SERVER-WEBAPP UDP Technology IP Camera command injection attempt
* 1:58248 <-> SERVER-WEBAPP UDP Technology IP Camera command injection attempt
* 1:58249 <-> SERVER-WEBAPP Microsoft Exchange server security feature bypass attempt
* 1:58260 <-> SERVER-WEBAPP AlienVault Unified Security Management SQL injection attempt
* 1:58261 <-> SERVER-WEBAPP AlienVault Unified Security Management SQL injection attempt
* 1:58262 <-> SERVER-WEBAPP AlienVault Unified Security Management SQL injection attempt
* 1:58263 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58264 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58265 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58266 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58267 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58268 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58269 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:58270 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:58271 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:58272 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:58273 <-> SERVER-WEBAPP QNAP HBS 3 authorization bypass attempt
* 1:58274 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center faultDevParasSet expression language injection attempt
* 1:58275 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center faultDevParasSet expression language injection attempt
* 1:58282 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center perfAddFormServer Java expression language injection attempt
* 1:58283 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center perfSelItemServer Java expression language injection attempt
* 1:58284 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center FileUploadServlet Unrestricted arbitrary JSP file upload attempt
* 1:58285 <-> SERVER-WEBAPP Trend Micro Control Manager ProductTree_RightWindow XML external entity injection attempt
* 1:58290 <-> SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt
* 1:58291 <-> SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt
* 1:58292 <-> SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt
* 1:58293 <-> SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt
* 1:58315 <-> SERVER-WEBAPP Microsoft SharePoint Server remote code execution attempt
* 1:58316 <-> SERVER-WEBAPP Microsoft SharePoint Server remote code execution attempt
* 1:58318 <-> SERVER-WEBAPP Microsoft SharePoint Server remote code execution attempt
* 1:58320 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formChangePass username SQL injection attempt
* 1:58321 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formChangePass username SQL injection attempt
* 1:58322 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formChangePass username SQL injection attempt
* 1:58323 <-> SERVER-WEBAPP Advantech WebAccess Node Quality ItemGroupIdAry SQL injection attempt
* 1:58324 <-> SERVER-WEBAPP Advantech WebAccess Node Quality ItemGroupIdAry SQL injection attempt
* 1:58325 <-> SERVER-WEBAPP Advantech WebAccess Node Quality ItemGroupIdAry SQL injection attempt
* 1:58326 <-> SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt
* 1:58327 <-> SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt
* 1:58328 <-> SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt
* 1:58329 <-> SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt
* 1:58330 <-> SERVER-WEBAPP Advantech WebAccess Node controlNode bnid SQL injection attempt
* 1:58331 <-> SERVER-WEBAPP Advantech WebAccess Node controlNode bnid SQL injection attempt
* 1:58332 <-> SERVER-WEBAPP Advantech WebAccess Node controlNode bnid SQL injection attempt
* 1:58333 <-> SERVER-WEBAPP Trend Micro Control Manager DeploymentPlan_Event_Handler XML external entity injection attempt
* 1:58337 <-> SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt
* 1:58338 <-> SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt
* 1:58339 <-> SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt
* 1:58340 <-> SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt
* 1:58341 <-> SERVER-WEBAPP PHPMyAdmin SearchController SQL injection attempt
* 1:58342 <-> SERVER-WEBAPP PHPMyAdmin SearchController SQL injection attempt
* 1:58343 <-> SERVER-WEBAPP PHPMyAdmin SearchController SQL injection attempt
* 1:58352 <-> SERVER-WEBAPP GE MDS PulseNET IntegrationXMLProcessorServlet UpdateProblemTickets XML external entity injection attempt
* 1:58353 <-> SERVER-WEBAPP Advantech WebAccess Node Quality_Reg ItemIdAry SQL injection attempt
* 1:58355 <-> SERVER-WEBAPP GE MDS PulseNET HealthCheck arbitrary Java object deserialization attempt
* 1:58362 <-> SERVER-WEBAPP Advantech WebAccess Node BWSCADASoap ProjectName SQL injection attempt
* 1:58375 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center iccSelectCommand expression language injection attempt
* 1:58376 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center iccSelectCommand expression language injection attempt
* 1:58377 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center eventInfo_content expression language injection attempt
* 1:58378 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center eventInfo_content expression language injection attempt
* 1:58379 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center devSoftSel Java expression language injection attempt
* 1:58380 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center devSoftSel Java expression language injection attempt
* 1:58381 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formConfiguration saveValue SQL injection attempt
* 1:58382 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formConfiguration saveValue SQL injection attempt
* 1:58383 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formConfiguration saveValue SQL injection attempt
* 1:58384 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center operationSelect Java expression language injection attempt
* 1:58385 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center operationSelect Java expression language injection attempt
* 1:58388 <-> SERVER-WEBAPP ARRIS VAP2500 config_wds command injection attempt
* 1:58396 <-> SERVER-WEBAPP Nagios XI PHP file injection attempt
* 1:58397 <-> SERVER-WEBAPP Nagios XI PHP file injection attempt
* 1:58398 <-> SERVER-WEBAPP Nagios XI PHP file injection attempt
* 1:58399 <-> SERVER-WEBAPP Nagios XI directory traversal attempt
* 1:58400 <-> SERVER-WEBAPP Nagios XI directory traversal attempt
* 1:58401 <-> SERVER-WEBAPP Nagios XI directory traversal attempt
* 1:58403 <-> SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt
* 1:58404 <-> SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt
* 1:58405 <-> SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt
* 1:58406 <-> SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt
* 1:58407 <-> SERVER-WEBAPP Nagios XI bulk modification tool SQL injection attempt
* 1:58408 <-> SERVER-WEBAPP Nagios XI bulk modification tool SQL injection attempt
* 1:58409 <-> SERVER-WEBAPP Nagios XI bulk modification tool SQL injection attempt
* 1:58410 <-> SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt
* 1:58411 <-> SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt
* 1:58412 <-> SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt
* 1:58413 <-> SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt
* 1:58418 <-> SERVER-WEBAPP ReadyDesk 9.1 OpenAttach2 directory traversal attempt
* 1:58419 <-> SERVER-WEBAPP ReadyDesk 9.1 OpenAttach2 directory traversal attempt
* 1:58420 <-> SERVER-WEBAPP ReadyDesk 9.1 OpenAttach2 directory traversal attempt
* 1:58421 <-> SERVER-WEBAPP BillQuick Web Suite SQL injection attempt
* 1:58422 <-> SERVER-WEBAPP BillQuick Web Suite SQL injection attempt
* 1:58423 <-> SERVER-WEBAPP BillQuick Web Suite SQL injection attempt
* 1:58424 <-> SERVER-WEBAPP Schneider Electric Umotion Builder Virtual Appliance Css directory traversal attempt
* 1:58425 <-> SERVER-WEBAPP Schneider Electric Umotion Builder Virtual Appliance Css directory traversal attempt
* 1:58426 <-> SERVER-WEBAPP Schneider Electric Umotion Builder Virtual Appliance Css directory traversal attempt
* 1:58427 <-> SERVER-WEBAPP Trend Micro Control Manager widget_old_SP1 dlp_policy directory traversal attempt
* 1:58428 <-> SERVER-WEBAPP Trend Micro Control Manager Widget modDLPViolationCntdrildown.php directory traversal attempt
* 1:58454 <-> SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt
* 1:58455 <-> SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt
* 1:58456 <-> SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt
* 1:58457 <-> SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt
* 1:58464 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance File Deletion directory traversal attempt
* 1:58465 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance File Deletion directory traversal attempt
* 1:58466 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance File Deletion directory traversal attempt
* 1:58467 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance directory traversal attempt
* 1:58468 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance directory traversal attempt
* 1:58469 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance directory traversal attempt
* 1:58470 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector Virtual Appliance policy_setting arbitrary PHP file upload attempt
* 1:58471 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:58472 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:58473 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:58475 <-> SERVER-WEBAPP Oracle WebLogic Server DeploymentService directory traversal attempt
* 1:58476 <-> SERVER-WEBAPP Oracle WebLogic Server DeploymentService directory traversal attempt
* 1:58487 <-> SERVER-WEBAPP WordPress Snap Creek Duplicator and Duplicator Pro plugins directory traversal attempt
* 1:58499 <-> SERVER-WEBAPP Zyxel Unified Security Gateway undocumented administrator account login attempt
* 1:58500 <-> SERVER-WEBAPP Zyxel Unified Security Gateway undocumented administrator account login attempt
* 1:58502 <-> SERVER-WEBAPP SonicWall Email Security directory traversal attempt
* 1:58503 <-> SERVER-WEBAPP SonicWall Email Security directory traversal attempt
* 1:58504 <-> SERVER-WEBAPP SonicWall Email Security directory traversal attempt
* 1:58505 <-> SERVER-WEBAPP Tenda Router command injection attempt
* 1:58506 <-> SERVER-WEBAPP Tenda Router command injection attempt
* 1:58507 <-> SERVER-WEBAPP Tenda Router command injection attempt
* 1:58508 <-> SERVER-WEBAPP Tenda Router command injection attempt
* 1:58509 <-> SERVER-WEBAPP Accellion File Transfer Appliance SQL injection attempt
* 1:58510 <-> SERVER-WEBAPP EyesOfNetwork SQL injection attempt
* 1:58511 <-> SERVER-WEBAPP EyesOfNetwork SQL injection attempt
* 1:58512 <-> SERVER-WEBAPP EyesOfNetwork SQL injection attempt
* 1:58513 <-> SERVER-WEBAPP Advantech WebAccess updateTemplate SQL injection attempt
* 1:58514 <-> SERVER-WEBAPP EyesOfNetwork autodiscovery command injection attempt
* 1:58515 <-> SERVER-WEBAPP EyesOfNetwork autodiscovery command injection attempt
* 1:58517 <-> SERVER-WEBAPP GE MDS PulseNET IntegrationXMLProcessorServlet AlarmActions XML external entity injection attempt
* 1:58521 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center perfInsListServer Java expression language injection attempt
* 1:58522 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php command injection attempt
* 1:58523 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php command injection attempt
* 1:58525 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center directory traversal attempt
* 1:58529 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58530 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58531 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58532 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58533 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58538 <-> SERVER-WEBAPP Arcadyan routers path traversal attempt
* 1:58542 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet EmailMessageDetected SQL injection attempt
* 1:58543 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet EmailMessageDetected SQL injection attempt
* 1:58544 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet EmailMessageDetected SQL injection attempt
* 1:58546 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center TopoBroadcastServlet arbitrary Java object deserialization attempt
* 1:58555 <-> SERVER-WEBAPP Hikvision webLanguage command injection vulnerability
* 1:58562 <-> SERVER-WEBAPP Oracle WebLogic Server remote code execution attempt
* 1:58563 <-> SERVER-WEBAPP GE MDS PulseNET foglight service arbitrary Java object deserialization attempt
* 1:58567 <-> SERVER-WEBAPP Roundcube Webmail file disclosure attempt
* 1:58568 <-> SERVER-WEBAPP Roundcube Webmail file disclosure attempt
* 1:58569 <-> SERVER-WEBAPP Roundcube Webmail file disclosure attempt
* 1:58576 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt
* 1:58577 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt
* 1:58578 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt
* 1:58579 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt
* 1:58588 <-> SERVER-WEBAPP SolarWinds Network Configuration Manager remote file include attempt
* 1:58589 <-> SERVER-WEBAPP SolarWinds Network Configuration Manager remote file include attempt
* 1:58592 <-> SERVER-WEBAPP SaltStack pillar_roots directory traversal attempt
* 1:58593 <-> SERVER-WEBAPP SaltStack pillar_roots directory traversal attempt
* 1:58594 <-> SERVER-WEBAPP SaltStack pillar_roots directory traversal attempt
* 1:58595 <-> SERVER-WEBAPP OpenEMR backup.php command injection attempt
* 1:58596 <-> SERVER-WEBAPP OpenEMR backup.php command injection attempt
* 1:58605 <-> SERVER-WEBAPP Citrix StoreFront Server XML external entity injection attempt
* 1:58606 <-> SERVER-WEBAPP SAP NetWeaver AS JAVA CRM log injection attempt
* 1:58607 <-> SERVER-WEBAPP SAP NetWeaver AS JAVA CRM log injection attempt
* 1:58608 <-> SERVER-WEBAPP SAP NetWeaver AS JAVA CRM log injection attempt
* 1:66336 <-> SERVER-WEBAPP FlowiseAI Flowise arbitrary code execution attempt

3370

2026-04-23 13:35:21 UTC

Snort Subscriber Rules Update

Date: 2026-04-22-001

This is the complete list of rules modified and added in the Cisco Talos Certified rule pack for Snort version 3.3.7.0.

The format of the file is:

gid:sid <-> Message

New Rules:

* 1:66354 <-> SERVER-WEBAPP WordPress SEO Plugin SQL injection attempt
* 1:66355 <-> SERVER-WEBAPP WordPress SEO Plugin SQL injection attempt
* 1:66356 <-> SERVER-WEBAPP WordPress SEO Plugin SQL injection attempt
* 1:66357 <-> SERVER-WEBAPP WordPress My Calendar Plugin SQL injection attempt
* 1:66358 <-> SERVER-WEBAPP WordPress My Calendar Plugin SQL injection attempt
* 1:66359 <-> SERVER-WEBAPP WordPress My Calendar Plugin SQL injection attempt
* 1:66360 <-> SERVER-WEBAPP WordPress WP Statistics Plugin SQL injection attempt
* 1:66361 <-> SERVER-WEBAPP WordPress WP Statistics Plugin SQL injection attempt
* 1:66362 <-> SERVER-WEBAPP WordPress WP Statistics Plugin SQL injection attempt
* 1:66363 <-> SERVER-WEBAPP WordPress Photo Gallery Plugin SQL injection attempt
* 1:66364 <-> SERVER-WEBAPP WordPress Photo Gallery Plugin SQL injection attempt
* 1:66365 <-> SERVER-WEBAPP WordPress Photo Gallery Plugin SQL injection attempt
* 1:66366 <-> SERVER-WEBAPP Arcserve UDP ASNative.dll denial of service attempt
* 1:66367 <-> SERVER-WEBAPP Kentico Xperience webshell upload attempt
* 1:66368 <-> SERVER-WEBAPP SonicWall GMS SQL injection attempt
* 1:66369 <-> SERVER-WEBAPP SonicWall GMS SQL injection attempt
* 1:66370 <-> SERVER-WEBAPP SonicWall GMS SQL injection attempt
* 1:66371 <-> SERVER-WEBAPP Netgear ProSAFE NMS300 SQL injection attempt
* 1:66372 <-> SERVER-WEBAPP Netgear ProSAFE NMS300 SQL injection attempt
* 1:66373 <-> SERVER-WEBAPP Netgear ProSAFE NMS300 SQL injection attempt
* 1:66374 <-> SERVER-WEBAPP Yawave WordPress Plugin SQL injection attempt
* 1:66375 <-> SERVER-WEBAPP Yawave WordPress Plugin SQL injection attempt
* 1:66376 <-> SERVER-WEBAPP Yawave WordPress Plugin SQL injection attempt
* 3:66377 <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2026-2379 attack attempt
* 3:66378 <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2026-2379 attack attempt
* 3:66379 <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2026-2379 attack attempt
* 3:66380 <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2026-2379 attack attempt

Modified Rules:

* 1:53688 <-> SERVER-WEBAPP Adobe Experience Manager server side request forgery attempt
* 1:53733 <-> SERVER-WEBAPP IBM Data Risk Manager directory traversal attempt
* 1:53734 <-> SERVER-WEBAPP IBM Data Risk Manager nmap scan command execution attempt
* 1:53857 <-> SERVER-WEBAPP Grandstream UCM6202 series SQL injection attempt
* 1:53858 <-> SERVER-WEBAPP Grandstream UCM6202 series SQL injection attempt
* 1:53859 <-> SERVER-WEBAPP Grandstream UCM6202 series SQL injection attempt
* 1:53860 <-> SERVER-WEBAPP Centurylink router unauthenticated administrator account disable attempt
* 1:53967 <-> SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt
* 1:53968 <-> SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt
* 1:53969 <-> SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt
* 1:53970 <-> SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt
* 1:54003 <-> SERVER-WEBAPP Axway SecureTransport XML external entity injection attempt
* 1:54012 <-> SERVER-WEBAPP ASUS ASUSWRT appGet.cgi command injection attempt
* 1:54195 <-> SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt
* 1:54196 <-> SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt
* 1:54197 <-> SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt
* 1:54198 <-> SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt
* 1:54272 <-> SERVER-WEBAPP Centreon Monitoring tool command injection attempt
* 1:54273 <-> SERVER-WEBAPP Centreon Monitoring tool command injection attempt
* 1:54405 <-> SERVER-WEBAPP PHP php_strip_tags_ex function out-of-bounds read attempt
* 1:54462 <-> SERVER-WEBAPP F5 BIG-IP Traffic Management User Interface remote code execution attempt
* 1:54484 <-> SERVER-WEBAPP F5 BIG-IP Traffic Management User Interface remote code execution attempt
* 1:54511 <-> SERVER-WEBAPP Microsoft Windows .NET API XML unsafe deserialization attempt
* 1:54556 <-> SERVER-WEBAPP BSA Radar local file inclusion attempt
* 1:54558 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54559 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54565 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54566 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54567 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54569 <-> SERVER-WEBAPP Barangay Management System SQL injection attempt
* 1:54570 <-> SERVER-WEBAPP Barangay Management System SQL injection attempt
* 1:54596 <-> SERVER-WEBAPP WordPress bbPress plugin unauthenticated privilege escalation attempt
* 1:54597 <-> SERVER-WEBAPP WordPress bbPress plugin unauthenticated privilege escalation attempt
* 1:54602 <-> SERVER-WEBAPP Laravel Framework PendingCommand arbitrary command execution attempt
* 1:54603 <-> SERVER-WEBAPP Laravel Framework PendingCommand arbitrary command execution attempt
* 1:54617 <-> SERVER-WEBAPP GeoVision Door Access Control hidden url access attempt
* 1:54629 <-> SERVER-WEBAPP Microsoft Windows .NET API XML unsafe deserialization attempt
* 1:54649 <-> SERVER-WEBAPP Apache Kylin REST API migrate command injection attempt
* 1:54650 <-> SERVER-WEBAPP Apache Kylin REST API migrate command injection attempt
* 1:54670 <-> SERVER-WEBAPP Rockwell FactoryTalk View SE project list disclosure attempt
* 1:54671 <-> SERVER-WEBAPP Rockwell FactoryTalk View SE project information disclosure attempt
* 1:54672 <-> SERVER-WEBAPP Rockwell FactoryTalk View SE remote code execution attempt
* 1:54674 <-> SERVER-WEBAPP Rockwell FactoryTalk View SE remote project copy attempt
* 1:54684 <-> SERVER-WEBAPP Microsoft Windows .NET API XML unsafe deserialization attempt
* 1:54767 <-> SERVER-WEBAPP vBulletin template rendering arbitrary PHP code execution attempt
* 1:54768 <-> SERVER-WEBAPP vBulletin template rendering arbitrary PHP code execution attempt
* 1:54794 <-> SERVER-WEBAPP Zeroshell Linux Router command injection attempt
* 1:54795 <-> SERVER-WEBAPP Zeroshell Linux Router command injection attempt
* 1:54796 <-> SERVER-WEBAPP Zeroshell Linux Router command injection attempt
* 1:54797 <-> SERVER-WEBAPP Zeroshell Linux Router command injection attempt
* 1:54824 <-> SERVER-WEBAPP Intellian Aptus Web arbitrary command execution attempt
* 1:55778 <-> SERVER-WEBAPP Wordpress File Manager plugin elFinder remote code execution attempt
* 1:55797 <-> SERVER-WEBAPP Wordpress plugin WP Database Reset database reset attempt
* 1:55823 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:55824 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:55825 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:55826 <-> SERVER-WEBAPP Microsoft Exchange Server DlpUtils remote code execution attempt
* 1:55827 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet multiple functions SQL injection attempt
* 1:55828 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet multiple functions SQL injection attempt
* 1:55829 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet multiple functions SQL injection attempt
* 1:55834 <-> SERVER-WEBAPP Wordpress Nexos theme cross site scripting attempt
* 1:55835 <-> SERVER-WEBAPP Wordpress Nexos theme cross site scripting attempt
* 1:55836 <-> SERVER-WEBAPP Wordpress Nexos theme SQL injection attempt
* 1:55837 <-> SERVER-WEBAPP Wordpress Nexos theme SQL injection attempt
* 1:55838 <-> SERVER-WEBAPP Wordpress Nexos theme SQL injection attempt
* 1:55839 <-> SERVER-WEBAPP Multiple products DVR admin password leak attempt
* 1:55918 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:55919 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:55920 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:55921 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:55981 <-> SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 command injection attempt
* 1:56005 <-> SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 SQL injection attempt
* 1:56006 <-> SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 SQL injection attempt
* 1:56007 <-> SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 SQL injection attempt
* 1:56082 <-> SERVER-WEBAPP Wordpress WP Database Backup plug-in command injection attempt
* 1:56083 <-> SERVER-WEBAPP Wordpress WP Database Backup plug-in command injection attempt
* 1:56135 <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt
* 1:56136 <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt
* 1:56138 <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt
* 1:56154 <-> SERVER-WEBAPP MobileIron Core & Connector remote code execution attempt
* 1:56155 <-> SERVER-WEBAPP MobileIron Core & Connector remote code execution attempt
* 1:56162 <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt
* 1:56200 <-> SERVER-WEBAPP Oracle WebLogic Server command injection attempt
* 1:56201 <-> SERVER-WEBAPP Oracle WebLogic Server command injection attempt
* 1:56202 <-> SERVER-WEBAPP Oracle WebLogic Server command injection attempt
* 1:56203 <-> SERVER-WEBAPP Oracle WebLogic Server command injection attempt
* 1:56304 <-> SERVER-WEBAPP Microsoft SharePoint remote code execution attempt
* 1:56305 <-> SERVER-WEBAPP Microsoft SharePoint remote code execution attempt
* 1:56404 <-> SERVER-WEBAPP Cisco Security Manager XmpFileUploadServlet arbitrary JSP file upload attempt
* 1:56405 <-> SERVER-WEBAPP Cisco Security Manager XmpFileUploadServlet directory traversal attempt
* 1:56414 <-> SERVER-WEBAPP Cisco Security Manager XmpFileDownloadServlet directory traversal attempt
* 1:56415 <-> SERVER-WEBAPP Cisco Security Manager XmpFileDownloadServlet directory traversal attempt
* 1:56416 <-> SERVER-WEBAPP Cisco Security Manager XmpFileDownloadServlet directory traversal attempt
* 1:56417 <-> SERVER-WEBAPP Cisco Security Manager SampleFileDownloadServlet directory traversal attempt
* 1:56418 <-> SERVER-WEBAPP Cisco Security Manager SampleFileDownloadServlet directory traversal attempt
* 1:56419 <-> SERVER-WEBAPP Cisco Security Manager SampleFileDownloadServlet directory traversal attempt
* 1:56420 <-> SERVER-WEBAPP Cisco Security Manager resultsFrame directory traversal attempt
* 1:56421 <-> SERVER-WEBAPP Cisco Security Manager resultsFrame directory traversal attempt
* 1:56422 <-> SERVER-WEBAPP Cisco Security Manager resultsFrame directory traversal attempt
* 1:56423 <-> SERVER-WEBAPP Cisco Security Manager xdmProxy directory traversal attempt
* 1:56432 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:56433 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:56434 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:56435 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:56497 <-> SERVER-WEBAPP Multiple Products Java Faces ViewState deserialization remote code execution attempt
* 1:56519 <-> SERVER-WEBAPP WordPress plugin Autoptimize arbitrary PHP file upload attempt
* 1:56520 <-> SERVER-WEBAPP QNAP QTS and Photo Station directory traversal attempt
* 1:56521 <-> SERVER-WEBAPP QNAP QTS and Photo Station directory traversal attempt
* 1:56522 <-> SERVER-WEBAPP QNAP QTS and Photo Station directory traversal attempt
* 1:56523 <-> SERVER-WEBAPP Joomla Core Featured Article SQL injection attempt
* 1:56524 <-> SERVER-WEBAPP Joomla Core Featured Article SQL injection attempt
* 1:56525 <-> SERVER-WEBAPP Joomla Core Featured Article SQL injection attempt
* 1:56532 <-> SERVER-WEBAPP Advantech WebAccess NMS directory traversal attempt
* 1:56533 <-> SERVER-WEBAPP Advantech WebAccess NMS directory traversal attempt
* 1:56534 <-> SERVER-WEBAPP Advantech WebAccess NMS directory traversal attempt
* 1:56545 <-> SERVER-WEBAPP rConfig commands.inc.php SQL injection attempt
* 1:56550 <-> SERVER-WEBAPP Ruckus IoT Controller Web UI authentication bypass attempt
* 1:56551 <-> SERVER-WEBAPP  Ruckus IoT Controller Web UI OS username command injection attempt
* 1:56557 <-> SERVER-WEBAPP Microsoft Dynamics365 Finance and Operations remote code execution attempt
* 1:56558 <-> SERVER-WEBAPP Microsoft Dynamics365 Finance and Operations remote code execution attempt
* 1:56586 <-> SERVER-WEBAPP Zoho ManageEngine ServiceDesk Plus arbitrary JSP file upload attempt
* 1:56604 <-> SERVER-WEBAPP Microsoft Dynamics NAV remote code execution attempt
* 1:56624 <-> SERVER-WEBAPP rConfig command injection attempt
* 1:56625 <-> SERVER-WEBAPP rConfig command injection attempt
* 1:56626 <-> SERVER-WEBAPP rConfig command injection attempt
* 1:56627 <-> SERVER-WEBAPP rConfig command injection attempt
* 1:56799 <-> SERVER-WEBAPP Liferay arbitrary Java object deserialization attempt
* 1:56800 <-> SERVER-WEBAPP Liferay arbitrary Java object deserialization attempt
* 1:56823 <-> SERVER-WEBAPP Citrix CakePHP command injection attempt
* 1:56824 <-> SERVER-WEBAPP Citrix CakePHP command injection attempt
* 1:56826 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56827 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56828 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56829 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56830 <-> SERVER-WEBAPP WordPress Adning Advertising plugin arbitrary PHP file upload attempt
* 1:56831 <-> SERVER-WEBAPP WordPress Adning Advertising plugin arbitrary PHP file upload attempt
* 1:56877 <-> SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt
* 1:56878 <-> SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt
* 1:56879 <-> SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt
* 1:56880 <-> SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt
* 1:56916 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56917 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56934 <-> SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt
* 1:56935 <-> SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt
* 1:56936 <-> SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt
* 1:56937 <-> SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt
* 1:56990 <-> SERVER-WEBAPP Apache Unomi OGNL MVEL2 remote command execution attempt
* 1:57002 <-> SERVER-WEBAPP Belkin Wemo UPnP cross site scripting attempt
* 1:57048 <-> SERVER-WEBAPP SaltStack Salt API SSH Client command injection attempt
* 1:57049 <-> SERVER-WEBAPP SaltStack Salt API SSH Client command injection attempt
* 1:57072 <-> SERVER-WEBAPP Cisco RV Series Routers directory traversal attempt
* 1:57074 <-> SERVER-WEBAPP Cisco RV Series Routers directory traversal attempt
* 1:57075 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57076 <-> SERVER-WEBAPP Cisco RV Series Routers command injection attempt
* 1:57078 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57079 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57080 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57081 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57082 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57084 <-> SERVER-WEBAPP Cisco RV series routers command injection attempt
* 1:57085 <-> SERVER-WEBAPP Cisco RV series routers command injection attempt
* 1:57086 <-> SERVER-WEBAPP Cisco RV Series routers command injection attempt
* 1:57088 <-> SERVER-WEBAPP Cisco Small Business RV Series routers command injection attempt
* 1:57089 <-> SERVER-WEBAPP Cisco Small Business RV Series routers command injection attempt
* 1:57095 <-> SERVER-WEBAPP Cisco RV Series routers command injection attempt
* 1:57096 <-> SERVER-WEBAPP Cisco RV Series routers command injection attempt
* 1:57098 <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt
* 1:57099 <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt
* 1:57100 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57101 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57102 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57105 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57109 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57110 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57113 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57114 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57126 <-> SERVER-WEBAPP Monstra CMS cross-site scripting attempt
* 1:57127 <-> SERVER-WEBAPP Monstra CMS cross-site scripting attempt
* 1:57158 <-> SERVER-WEBAPP Oracle WebLogic consolejndi remote code execution attempt
* 1:57159 <-> SERVER-WEBAPP Oracle WebLogic consolejndi remote code execution attempt
* 1:57176 <-> SERVER-WEBAPP MikroTik RouterOS buffer overflow attempt
* 1:57177 <-> SERVER-WEBAPP MikroTik RouterOS buffer overflow attempt
* 1:57178 <-> SERVER-WEBAPP Monstra CMS registration form cross site scripting attempt
* 1:57179 <-> SERVER-WEBAPP Monstra CMS registration form cross site scripting attempt
* 1:57182 <-> SERVER-WEBAPP VMware administrative configurator component command injection attempt
* 1:57183 <-> SERVER-WEBAPP VMware administrative configurator component command injection attempt
* 1:57184 <-> SERVER-WEBAPP VMware administrative configurator component command injection attempt
* 1:57185 <-> SERVER-WEBAPP VMware administrative configurator component command injection attempt
* 1:57188 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center arbitrary Java object deserialization attempt
* 1:57224 <-> SERVER-WEBAPP Trend Micro Control Manager directory traversal attempt
* 1:57225 <-> SERVER-WEBAPP Trend Micro Control Manager directory traversal attempt
* 1:57226 <-> SERVER-WEBAPP Trend Micro Control Manager directory traversal attempt
* 1:57229 <-> SERVER-WEBAPP VMware vSphere Client vROPs plugin remote code execution attempt
* 1:57241 <-> SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt
* 1:57242 <-> SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt
* 1:57243 <-> SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt
* 1:57244 <-> SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt
* 1:57245 <-> SERVER-WEBAPP Microsoft Exchange Server arbitrary file write attempt
* 1:57246 <-> SERVER-WEBAPP Microsoft Exchange Server arbitrary file write attempt
* 1:57275 <-> SERVER-WEBAPP ysoserial TypeConfuseDelegate deserialization exploit attempt
* 1:57276 <-> SERVER-WEBAPP Microsoft SharePoint potential deserialization attempt
* 1:57283 <-> SERVER-WEBAPP Liferay arbitrary Java object deserialization attempt
* 1:57298 <-> SERVER-WEBAPP F5 iControl REST interface command injection attempt
* 1:57324 <-> SERVER-WEBAPP Netis WF2419 router command injection attempt
* 1:57325 <-> SERVER-WEBAPP Netis WF2419 router command injection attempt
* 1:57326 <-> SERVER-WEBAPP Netis WF2419 router command injection attempt
* 1:57327 <-> SERVER-WEBAPP Netis WF2419 router command injection attempt
* 1:57328 <-> SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt
* 1:57329 <-> SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt
* 1:57330 <-> SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt
* 1:57331 <-> SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt
* 1:57332 <-> SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt
* 1:57333 <-> SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt
* 1:57334 <-> SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt
* 1:57335 <-> SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt
* 1:57337 <-> SERVER-WEBAPP F5 iControl REST interface ssrf attempt
* 1:57389 <-> SERVER-WEBAPP Advantech iView DeviceTreeTable directory traversal attempt
* 1:57390 <-> SERVER-WEBAPP Advantech iView DeviceTreeTable directory traversal attempt
* 1:57391 <-> SERVER-WEBAPP Advantech iView DeviceTreeTable directory traversal attempt
* 1:57406 <-> SERVER-WEBAPP Palo Alto Networks management interface command injection attempt
* 1:57407 <-> SERVER-WEBAPP Palo Alto Networks management interface command injection attempt
* 1:57408 <-> SERVER-WEBAPP Palo Alto Networks management interface command injection attempt
* 1:57409 <-> SERVER-WEBAPP Palo Alto Networks management interface command injection attempt
* 1:57412 <-> SERVER-WEBAPP Nagios XI do_update_user SQL injection attempt
* 1:57413 <-> SERVER-WEBAPP Nagios XI do_update_user SQL injection attempt
* 1:57426 <-> SERVER-WEBAPP Zend and laminas-http frameworks streamName PHP object injection attempt
* 1:57434 <-> SERVER-WEBAPP VMware vRealize Operations Manager directory traversal attempt
* 1:57435 <-> SERVER-WEBAPP VMware vRealize Operations Manager SSRF attempt
* 1:57436 <-> SERVER-WEBAPP VMware View Planner logupload directory traversal attempt
* 1:57437 <-> SERVER-WEBAPP VMware View Planner logupload directory traversal attempt
* 1:57438 <-> SERVER-WEBAPP VMware View Planner logupload arbitrary file upload attempt
* 1:57439 <-> SERVER-WEBAPP VMware View Planner logupload arbitrary file upload attempt
* 1:57442 <-> SERVER-WEBAPP Terramaster TOS command injection attempt
* 1:57443 <-> SERVER-WEBAPP Terramaster TOS command injection attempt
* 1:57444 <-> SERVER-WEBAPP Terramaster TOS command injection attempt
* 1:57445 <-> SERVER-WEBAPP Terramaster TOS command injection attempt
* 1:57449 <-> SERVER-WEBAPP F5 TMM crafted IPv6 URI buffer overflow attempt
* 1:57453 <-> SERVER-WEBAPP Pulse Connect Secure remote code execution attempt
* 1:57481 <-> SERVER-WEBAPP ManageEngine OpManager directory traversal attempt
* 1:57482 <-> SERVER-WEBAPP ManageEngine OpManager directory traversal attempt
* 1:57483 <-> SERVER-WEBAPP ManageEngine OpManager directory traversal attempt
* 1:57487 <-> SERVER-WEBAPP Microsoft Exchange MeetingHandler remote code execution attempt
* 1:57490 <-> SERVER-WEBAPP Klog Server authenticate.php user command injection attempt
* 1:57491 <-> SERVER-WEBAPP Klog Server authenticate.php user command injection attempt
* 1:57492 <-> SERVER-WEBAPP Klog Server authenticate.php user command injection attempt
* 1:57493 <-> SERVER-WEBAPP Klog Server authenticate.php user command injection attempt
* 1:57494 <-> SERVER-WEBAPP Micro Focus Operations Bridge Manager remote code execution attempt
* 1:57500 <-> SERVER-WEBAPP HPE Intelligent Management Center IccSelectDevTypeBean Expression Language Injection Java expression language injection attempt
* 1:57511 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57512 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57513 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57514 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57515 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57516 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57517 <-> SERVER-WEBAPP Serendipity index.php SQL injection attempt
* 1:57518 <-> SERVER-WEBAPP Serendipity index.php SQL injection attempt
* 1:57519 <-> SERVER-WEBAPP Serendipity index.php SQL injection attempt
* 1:57548 <-> SERVER-WEBAPP Microsoft SharePoint authenticated remote code execution attempt
* 1:57570 <-> SERVER-WEBAPP WordPRess DZS Video Gallery directory traversal attempt
* 1:57571 <-> SERVER-WEBAPP WordPRess DZS Video Gallery directory traversal attempt
* 1:57572 <-> SERVER-WEBAPP WordPRess DZS Video Gallery directory traversal attempt
* 1:57573 <-> SERVER-WEBAPP WordPress DZS Video Gallery remote file include attempt
* 1:57574 <-> SERVER-WEBAPP WordPress DZS Video Gallery remote file include attempt
* 1:57720 <-> SERVER-WEBAPP VMWare vSphere Client remote code execution attempt
* 1:57761 <-> SERVER-WEBAPP TP-Link WiFi router authenticated PingIframeRpm stack buffer overflow attempt
* 1:57762 <-> SERVER-WEBAPP TP-Link WiFi router authenticated WanStaticIpV6CfgRpm stack buffer overflow attempt
* 1:57809 <-> SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt
* 1:57810 <-> SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt
* 1:57811 <-> SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt
* 1:57812 <-> SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt
* 1:57834 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center remote code execution attempt
* 1:57841 <-> SERVER-WEBAPP Nagios Fusion command injection attempt
* 1:57856 <-> SERVER-WEBAPP Cisco ASA cross site scripting attempt
* 1:57857 <-> SERVER-WEBAPP Cisco ASA cross site scripting attempt
* 1:57860 <-> SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt
* 1:57861 <-> SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt
* 1:57862 <-> SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt
* 1:57863 <-> SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt
* 1:57872 <-> SERVER-WEBAPP Facade Ignition remote code execution attempt
* 1:57902 <-> SERVER-WEBAPP HPE Systems Insight Manager remote code execution attempt
* 1:57906 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:57907 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:57908 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:57909 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:57910 <-> SERVER-WEBAPP Microsoft SharePoint Server authenticated remote code execution attempt
* 1:57911 <-> SERVER-WEBAPP Nagios XI monitoringplugins.php command injection attempt
* 1:57912 <-> SERVER-WEBAPP ForgeRock Open Access Manager remote code execution attempt
* 1:57913 <-> SERVER-WEBAPP ForgeRock Open Access Manager remote code execution attempt
* 1:57954 <-> SERVER-WEBAPP Velocloud VMware SD-WAN Orchestrator SQL injection attempt
* 1:57983 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:58018 <-> SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt
* 1:58019 <-> SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt
* 1:58020 <-> SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt
* 1:58021 <-> SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt
* 1:58026 <-> SERVER-WEBAPP Zoho ManageEngine OpManager OPMDeviceDetailsServlet SQL injection attempt
* 1:58027 <-> SERVER-WEBAPP Zoho ManageEngine OpManager OPMDeviceDetailsServlet SQL injection attempt
* 1:58028 <-> SERVER-WEBAPP Zoho ManageEngine OpManager OPMDeviceDetailsServlet SQL injection attempt
* 1:58042 <-> SERVER-WEBAPP Serv-U FTP Server stored cross site scripting attempt
* 1:58043 <-> SERVER-WEBAPP Serv-U FTP Server stored cross site scripting attempt
* 1:58052 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58053 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58054 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58055 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58056 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58057 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58058 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58059 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58063 <-> SERVER-WEBAPP Kentico CMS unsafe deserialization remote code execution attempt
* 1:58064 <-> SERVER-WEBAPP Kentico CMS unsafe deserialization remote code execution attempt
* 1:58067 <-> SERVER-WEBAPP Apache Flink FileUploadHandler directory traversal attempt
* 1:58068 <-> SERVER-WEBAPP Apache Flink FileUploadHandler directory traversal attempt
* 1:58069 <-> SERVER-WEBAPP Apache Flink FileUploadHandler directory traversal attempt
* 1:58093 <-> SERVER-WEBAPP Atlassian Confluence OGNL injection remote code execution attempt
* 1:58094 <-> SERVER-WEBAPP Atlassian Confluence OGNL injection remote code execution attempt
* 1:58111 <-> SERVER-WEBAPP Microsoft SharePoint remote code execution attempt
* 1:58112 <-> SERVER-WEBAPP Microsoft SharePoint remote code execution attempt
* 1:58113 <-> SERVER-WEBAPP Microsoft SharePoint machinekey information disclosure attempt
* 1:58169 <-> SERVER-WEBAPP Microsoft Windows Open Management Infrastructure remote code execution attempt
* 1:58170 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt
* 1:58171 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt
* 1:58172 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt
* 1:58173 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt
* 1:58201 <-> SERVER-WEBAPP Zoho ManageEngine ADSelfService Plus RestAPI authentication bypass attempt
* 1:58217 <-> SERVER-WEBAPP VMware vCenter Server remote code execution attempt
* 1:58218 <-> SERVER-WEBAPP VMware vCenter Server file upload attempt
* 1:58219 <-> SERVER-WEBAPP VMware vCenter Server file upload attempt
* 1:58224 <-> SERVER-WEBAPP SonicWall SMA100 SQL injection attempt
* 1:58225 <-> SERVER-WEBAPP SonicWall SMA100 SQL injection attempt
* 1:58226 <-> SERVER-WEBAPP SonicWall SMA100 SQL injection attempt
* 1:58227 <-> SERVER-WEBAPP Dell EMC Virtual Appliance Manager undocumented credential use attempt
* 1:58230 <-> SERVER-WEBAPP QNAP NAS Malware Remover directory traversal attempt
* 1:58231 <-> SERVER-WEBAPP QNAP NAS Malware Remover directory traversal attempt
* 1:58232 <-> SERVER-WEBAPP QNAP NAS Malware Remover directory traversal attempt
* 1:58242 <-> SERVER-WEBAPP Sophos XG Firewall SQL injection attempt
* 1:58245 <-> SERVER-WEBAPP UDP Technology IP Camera command injection attempt
* 1:58246 <-> SERVER-WEBAPP UDP Technology IP Camera command injection attempt
* 1:58247 <-> SERVER-WEBAPP UDP Technology IP Camera command injection attempt
* 1:58248 <-> SERVER-WEBAPP UDP Technology IP Camera command injection attempt
* 1:58249 <-> SERVER-WEBAPP Microsoft Exchange server security feature bypass attempt
* 1:58260 <-> SERVER-WEBAPP AlienVault Unified Security Management SQL injection attempt
* 1:58261 <-> SERVER-WEBAPP AlienVault Unified Security Management SQL injection attempt
* 1:58262 <-> SERVER-WEBAPP AlienVault Unified Security Management SQL injection attempt
* 1:58263 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58264 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58265 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58266 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58267 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58268 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58269 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:58270 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:58271 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:58272 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:58273 <-> SERVER-WEBAPP QNAP HBS 3 authorization bypass attempt
* 1:58274 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center faultDevParasSet expression language injection attempt
* 1:58275 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center faultDevParasSet expression language injection attempt
* 1:58282 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center perfAddFormServer Java expression language injection attempt
* 1:58283 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center perfSelItemServer Java expression language injection attempt
* 1:58284 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center FileUploadServlet Unrestricted arbitrary JSP file upload attempt
* 1:58285 <-> SERVER-WEBAPP Trend Micro Control Manager ProductTree_RightWindow XML external entity injection attempt
* 1:58290 <-> SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt
* 1:58291 <-> SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt
* 1:58292 <-> SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt
* 1:58293 <-> SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt
* 1:58315 <-> SERVER-WEBAPP Microsoft SharePoint Server remote code execution attempt
* 1:58316 <-> SERVER-WEBAPP Microsoft SharePoint Server remote code execution attempt
* 1:58318 <-> SERVER-WEBAPP Microsoft SharePoint Server remote code execution attempt
* 1:58320 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formChangePass username SQL injection attempt
* 1:58321 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formChangePass username SQL injection attempt
* 1:58322 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formChangePass username SQL injection attempt
* 1:58323 <-> SERVER-WEBAPP Advantech WebAccess Node Quality ItemGroupIdAry SQL injection attempt
* 1:58324 <-> SERVER-WEBAPP Advantech WebAccess Node Quality ItemGroupIdAry SQL injection attempt
* 1:58325 <-> SERVER-WEBAPP Advantech WebAccess Node Quality ItemGroupIdAry SQL injection attempt
* 1:58326 <-> SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt
* 1:58327 <-> SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt
* 1:58328 <-> SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt
* 1:58329 <-> SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt
* 1:58330 <-> SERVER-WEBAPP Advantech WebAccess Node controlNode bnid SQL injection attempt
* 1:58331 <-> SERVER-WEBAPP Advantech WebAccess Node controlNode bnid SQL injection attempt
* 1:58332 <-> SERVER-WEBAPP Advantech WebAccess Node controlNode bnid SQL injection attempt
* 1:58333 <-> SERVER-WEBAPP Trend Micro Control Manager DeploymentPlan_Event_Handler XML external entity injection attempt
* 1:58337 <-> SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt
* 1:58338 <-> SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt
* 1:58339 <-> SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt
* 1:58340 <-> SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt
* 1:58341 <-> SERVER-WEBAPP PHPMyAdmin SearchController SQL injection attempt
* 1:58342 <-> SERVER-WEBAPP PHPMyAdmin SearchController SQL injection attempt
* 1:58343 <-> SERVER-WEBAPP PHPMyAdmin SearchController SQL injection attempt
* 1:58352 <-> SERVER-WEBAPP GE MDS PulseNET IntegrationXMLProcessorServlet UpdateProblemTickets XML external entity injection attempt
* 1:58353 <-> SERVER-WEBAPP Advantech WebAccess Node Quality_Reg ItemIdAry SQL injection attempt
* 1:58355 <-> SERVER-WEBAPP GE MDS PulseNET HealthCheck arbitrary Java object deserialization attempt
* 1:58362 <-> SERVER-WEBAPP Advantech WebAccess Node BWSCADASoap ProjectName SQL injection attempt
* 1:58375 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center iccSelectCommand expression language injection attempt
* 1:58376 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center iccSelectCommand expression language injection attempt
* 1:58377 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center eventInfo_content expression language injection attempt
* 1:58378 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center eventInfo_content expression language injection attempt
* 1:58379 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center devSoftSel Java expression language injection attempt
* 1:58380 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center devSoftSel Java expression language injection attempt
* 1:58381 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formConfiguration saveValue SQL injection attempt
* 1:58382 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formConfiguration saveValue SQL injection attempt
* 1:58383 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formConfiguration saveValue SQL injection attempt
* 1:58384 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center operationSelect Java expression language injection attempt
* 1:58385 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center operationSelect Java expression language injection attempt
* 1:58388 <-> SERVER-WEBAPP ARRIS VAP2500 config_wds command injection attempt
* 1:58396 <-> SERVER-WEBAPP Nagios XI PHP file injection attempt
* 1:58397 <-> SERVER-WEBAPP Nagios XI PHP file injection attempt
* 1:58398 <-> SERVER-WEBAPP Nagios XI PHP file injection attempt
* 1:58399 <-> SERVER-WEBAPP Nagios XI directory traversal attempt
* 1:58400 <-> SERVER-WEBAPP Nagios XI directory traversal attempt
* 1:58401 <-> SERVER-WEBAPP Nagios XI directory traversal attempt
* 1:58403 <-> SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt
* 1:58404 <-> SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt
* 1:58405 <-> SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt
* 1:58406 <-> SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt
* 1:58407 <-> SERVER-WEBAPP Nagios XI bulk modification tool SQL injection attempt
* 1:58408 <-> SERVER-WEBAPP Nagios XI bulk modification tool SQL injection attempt
* 1:58409 <-> SERVER-WEBAPP Nagios XI bulk modification tool SQL injection attempt
* 1:58410 <-> SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt
* 1:58411 <-> SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt
* 1:58412 <-> SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt
* 1:58413 <-> SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt
* 1:58418 <-> SERVER-WEBAPP ReadyDesk 9.1 OpenAttach2 directory traversal attempt
* 1:58419 <-> SERVER-WEBAPP ReadyDesk 9.1 OpenAttach2 directory traversal attempt
* 1:58420 <-> SERVER-WEBAPP ReadyDesk 9.1 OpenAttach2 directory traversal attempt
* 1:58421 <-> SERVER-WEBAPP BillQuick Web Suite SQL injection attempt
* 1:58422 <-> SERVER-WEBAPP BillQuick Web Suite SQL injection attempt
* 1:58423 <-> SERVER-WEBAPP BillQuick Web Suite SQL injection attempt
* 1:58424 <-> SERVER-WEBAPP Schneider Electric Umotion Builder Virtual Appliance Css directory traversal attempt
* 1:58425 <-> SERVER-WEBAPP Schneider Electric Umotion Builder Virtual Appliance Css directory traversal attempt
* 1:58426 <-> SERVER-WEBAPP Schneider Electric Umotion Builder Virtual Appliance Css directory traversal attempt
* 1:58427 <-> SERVER-WEBAPP Trend Micro Control Manager widget_old_SP1 dlp_policy directory traversal attempt
* 1:58428 <-> SERVER-WEBAPP Trend Micro Control Manager Widget modDLPViolationCntdrildown.php directory traversal attempt
* 1:58454 <-> SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt
* 1:58455 <-> SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt
* 1:58456 <-> SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt
* 1:58457 <-> SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt
* 1:58464 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance File Deletion directory traversal attempt
* 1:58465 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance File Deletion directory traversal attempt
* 1:58466 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance File Deletion directory traversal attempt
* 1:58467 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance directory traversal attempt
* 1:58468 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance directory traversal attempt
* 1:58469 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance directory traversal attempt
* 1:58470 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector Virtual Appliance policy_setting arbitrary PHP file upload attempt
* 1:58471 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:58472 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:58473 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:58475 <-> SERVER-WEBAPP Oracle WebLogic Server DeploymentService directory traversal attempt
* 1:58476 <-> SERVER-WEBAPP Oracle WebLogic Server DeploymentService directory traversal attempt
* 1:58487 <-> SERVER-WEBAPP WordPress Snap Creek Duplicator and Duplicator Pro plugins directory traversal attempt
* 1:58499 <-> SERVER-WEBAPP Zyxel Unified Security Gateway undocumented administrator account login attempt
* 1:58500 <-> SERVER-WEBAPP Zyxel Unified Security Gateway undocumented administrator account login attempt
* 1:58502 <-> SERVER-WEBAPP SonicWall Email Security directory traversal attempt
* 1:58503 <-> SERVER-WEBAPP SonicWall Email Security directory traversal attempt
* 1:58504 <-> SERVER-WEBAPP SonicWall Email Security directory traversal attempt
* 1:58505 <-> SERVER-WEBAPP Tenda Router command injection attempt
* 1:58506 <-> SERVER-WEBAPP Tenda Router command injection attempt
* 1:58507 <-> SERVER-WEBAPP Tenda Router command injection attempt
* 1:58508 <-> SERVER-WEBAPP Tenda Router command injection attempt
* 1:58509 <-> SERVER-WEBAPP Accellion File Transfer Appliance SQL injection attempt
* 1:58510 <-> SERVER-WEBAPP EyesOfNetwork SQL injection attempt
* 1:58511 <-> SERVER-WEBAPP EyesOfNetwork SQL injection attempt
* 1:58512 <-> SERVER-WEBAPP EyesOfNetwork SQL injection attempt
* 1:58513 <-> SERVER-WEBAPP Advantech WebAccess updateTemplate SQL injection attempt
* 1:58514 <-> SERVER-WEBAPP EyesOfNetwork autodiscovery command injection attempt
* 1:58515 <-> SERVER-WEBAPP EyesOfNetwork autodiscovery command injection attempt
* 1:58517 <-> SERVER-WEBAPP GE MDS PulseNET IntegrationXMLProcessorServlet AlarmActions XML external entity injection attempt
* 1:58521 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center perfInsListServer Java expression language injection attempt
* 1:58522 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php command injection attempt
* 1:58523 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php command injection attempt
* 1:58525 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center directory traversal attempt
* 1:58529 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58530 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58531 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58532 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58533 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58538 <-> SERVER-WEBAPP Arcadyan routers path traversal attempt
* 1:58542 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet EmailMessageDetected SQL injection attempt
* 1:58543 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet EmailMessageDetected SQL injection attempt
* 1:58544 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet EmailMessageDetected SQL injection attempt
* 1:58546 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center TopoBroadcastServlet arbitrary Java object deserialization attempt
* 1:58555 <-> SERVER-WEBAPP Hikvision webLanguage command injection vulnerability
* 1:58562 <-> SERVER-WEBAPP Oracle WebLogic Server remote code execution attempt
* 1:58563 <-> SERVER-WEBAPP GE MDS PulseNET foglight service arbitrary Java object deserialization attempt
* 1:58567 <-> SERVER-WEBAPP Roundcube Webmail file disclosure attempt
* 1:58568 <-> SERVER-WEBAPP Roundcube Webmail file disclosure attempt
* 1:58569 <-> SERVER-WEBAPP Roundcube Webmail file disclosure attempt
* 1:58576 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt
* 1:58577 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt
* 1:58578 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt
* 1:58579 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt
* 1:58588 <-> SERVER-WEBAPP SolarWinds Network Configuration Manager remote file include attempt
* 1:58589 <-> SERVER-WEBAPP SolarWinds Network Configuration Manager remote file include attempt
* 1:58592 <-> SERVER-WEBAPP SaltStack pillar_roots directory traversal attempt
* 1:58593 <-> SERVER-WEBAPP SaltStack pillar_roots directory traversal attempt
* 1:58594 <-> SERVER-WEBAPP SaltStack pillar_roots directory traversal attempt
* 1:58595 <-> SERVER-WEBAPP OpenEMR backup.php command injection attempt
* 1:58596 <-> SERVER-WEBAPP OpenEMR backup.php command injection attempt
* 1:58605 <-> SERVER-WEBAPP Citrix StoreFront Server XML external entity injection attempt
* 1:58606 <-> SERVER-WEBAPP SAP NetWeaver AS JAVA CRM log injection attempt
* 1:58607 <-> SERVER-WEBAPP SAP NetWeaver AS JAVA CRM log injection attempt
* 1:58608 <-> SERVER-WEBAPP SAP NetWeaver AS JAVA CRM log injection attempt
* 1:66336 <-> SERVER-WEBAPP FlowiseAI Flowise arbitrary code execution attempt

3700

2026-04-23 13:35:21 UTC

Snort Subscriber Rules Update

Date: 2026-04-22-001

This is the complete list of rules modified and added in the Cisco Talos Certified rule pack for Snort version 3.7.0.0.

The format of the file is:

gid:sid <-> Message

New Rules:

* 1:66354 <-> SERVER-WEBAPP WordPress SEO Plugin SQL injection attempt
* 1:66355 <-> SERVER-WEBAPP WordPress SEO Plugin SQL injection attempt
* 1:66356 <-> SERVER-WEBAPP WordPress SEO Plugin SQL injection attempt
* 1:66357 <-> SERVER-WEBAPP WordPress My Calendar Plugin SQL injection attempt
* 1:66358 <-> SERVER-WEBAPP WordPress My Calendar Plugin SQL injection attempt
* 1:66359 <-> SERVER-WEBAPP WordPress My Calendar Plugin SQL injection attempt
* 1:66360 <-> SERVER-WEBAPP WordPress WP Statistics Plugin SQL injection attempt
* 1:66361 <-> SERVER-WEBAPP WordPress WP Statistics Plugin SQL injection attempt
* 1:66362 <-> SERVER-WEBAPP WordPress WP Statistics Plugin SQL injection attempt
* 1:66363 <-> SERVER-WEBAPP WordPress Photo Gallery Plugin SQL injection attempt
* 1:66364 <-> SERVER-WEBAPP WordPress Photo Gallery Plugin SQL injection attempt
* 1:66365 <-> SERVER-WEBAPP WordPress Photo Gallery Plugin SQL injection attempt
* 1:66366 <-> SERVER-WEBAPP Arcserve UDP ASNative.dll denial of service attempt
* 1:66367 <-> SERVER-WEBAPP Kentico Xperience webshell upload attempt
* 1:66368 <-> SERVER-WEBAPP SonicWall GMS SQL injection attempt
* 1:66369 <-> SERVER-WEBAPP SonicWall GMS SQL injection attempt
* 1:66370 <-> SERVER-WEBAPP SonicWall GMS SQL injection attempt
* 1:66371 <-> SERVER-WEBAPP Netgear ProSAFE NMS300 SQL injection attempt
* 1:66372 <-> SERVER-WEBAPP Netgear ProSAFE NMS300 SQL injection attempt
* 1:66373 <-> SERVER-WEBAPP Netgear ProSAFE NMS300 SQL injection attempt
* 1:66374 <-> SERVER-WEBAPP Yawave WordPress Plugin SQL injection attempt
* 1:66375 <-> SERVER-WEBAPP Yawave WordPress Plugin SQL injection attempt
* 1:66376 <-> SERVER-WEBAPP Yawave WordPress Plugin SQL injection attempt
* 3:66377 <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2026-2379 attack attempt
* 3:66378 <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2026-2379 attack attempt
* 3:66379 <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2026-2379 attack attempt
* 3:66380 <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2026-2379 attack attempt

Modified Rules:

* 1:53688 <-> SERVER-WEBAPP Adobe Experience Manager server side request forgery attempt
* 1:53733 <-> SERVER-WEBAPP IBM Data Risk Manager directory traversal attempt
* 1:53734 <-> SERVER-WEBAPP IBM Data Risk Manager nmap scan command execution attempt
* 1:53857 <-> SERVER-WEBAPP Grandstream UCM6202 series SQL injection attempt
* 1:53858 <-> SERVER-WEBAPP Grandstream UCM6202 series SQL injection attempt
* 1:53859 <-> SERVER-WEBAPP Grandstream UCM6202 series SQL injection attempt
* 1:53860 <-> SERVER-WEBAPP Centurylink router unauthenticated administrator account disable attempt
* 1:53967 <-> SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt
* 1:53968 <-> SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt
* 1:53969 <-> SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt
* 1:53970 <-> SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt
* 1:54003 <-> SERVER-WEBAPP Axway SecureTransport XML external entity injection attempt
* 1:54012 <-> SERVER-WEBAPP ASUS ASUSWRT appGet.cgi command injection attempt
* 1:54195 <-> SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt
* 1:54196 <-> SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt
* 1:54197 <-> SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt
* 1:54198 <-> SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt
* 1:54272 <-> SERVER-WEBAPP Centreon Monitoring tool command injection attempt
* 1:54273 <-> SERVER-WEBAPP Centreon Monitoring tool command injection attempt
* 1:54405 <-> SERVER-WEBAPP PHP php_strip_tags_ex function out-of-bounds read attempt
* 1:54462 <-> SERVER-WEBAPP F5 BIG-IP Traffic Management User Interface remote code execution attempt
* 1:54484 <-> SERVER-WEBAPP F5 BIG-IP Traffic Management User Interface remote code execution attempt
* 1:54511 <-> SERVER-WEBAPP Microsoft Windows .NET API XML unsafe deserialization attempt
* 1:54556 <-> SERVER-WEBAPP BSA Radar local file inclusion attempt
* 1:54558 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54559 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54565 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54566 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54567 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54569 <-> SERVER-WEBAPP Barangay Management System SQL injection attempt
* 1:54570 <-> SERVER-WEBAPP Barangay Management System SQL injection attempt
* 1:54596 <-> SERVER-WEBAPP WordPress bbPress plugin unauthenticated privilege escalation attempt
* 1:54597 <-> SERVER-WEBAPP WordPress bbPress plugin unauthenticated privilege escalation attempt
* 1:54602 <-> SERVER-WEBAPP Laravel Framework PendingCommand arbitrary command execution attempt
* 1:54603 <-> SERVER-WEBAPP Laravel Framework PendingCommand arbitrary command execution attempt
* 1:54617 <-> SERVER-WEBAPP GeoVision Door Access Control hidden url access attempt
* 1:54629 <-> SERVER-WEBAPP Microsoft Windows .NET API XML unsafe deserialization attempt
* 1:54649 <-> SERVER-WEBAPP Apache Kylin REST API migrate command injection attempt
* 1:54650 <-> SERVER-WEBAPP Apache Kylin REST API migrate command injection attempt
* 1:54670 <-> SERVER-WEBAPP Rockwell FactoryTalk View SE project list disclosure attempt
* 1:54671 <-> SERVER-WEBAPP Rockwell FactoryTalk View SE project information disclosure attempt
* 1:54672 <-> SERVER-WEBAPP Rockwell FactoryTalk View SE remote code execution attempt
* 1:54674 <-> SERVER-WEBAPP Rockwell FactoryTalk View SE remote project copy attempt
* 1:54684 <-> SERVER-WEBAPP Microsoft Windows .NET API XML unsafe deserialization attempt
* 1:54767 <-> SERVER-WEBAPP vBulletin template rendering arbitrary PHP code execution attempt
* 1:54768 <-> SERVER-WEBAPP vBulletin template rendering arbitrary PHP code execution attempt
* 1:54794 <-> SERVER-WEBAPP Zeroshell Linux Router command injection attempt
* 1:54795 <-> SERVER-WEBAPP Zeroshell Linux Router command injection attempt
* 1:54796 <-> SERVER-WEBAPP Zeroshell Linux Router command injection attempt
* 1:54797 <-> SERVER-WEBAPP Zeroshell Linux Router command injection attempt
* 1:54824 <-> SERVER-WEBAPP Intellian Aptus Web arbitrary command execution attempt
* 1:55778 <-> SERVER-WEBAPP Wordpress File Manager plugin elFinder remote code execution attempt
* 1:55797 <-> SERVER-WEBAPP Wordpress plugin WP Database Reset database reset attempt
* 1:55823 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:55824 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:55825 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:55826 <-> SERVER-WEBAPP Microsoft Exchange Server DlpUtils remote code execution attempt
* 1:55827 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet multiple functions SQL injection attempt
* 1:55828 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet multiple functions SQL injection attempt
* 1:55829 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet multiple functions SQL injection attempt
* 1:55834 <-> SERVER-WEBAPP Wordpress Nexos theme cross site scripting attempt
* 1:55835 <-> SERVER-WEBAPP Wordpress Nexos theme cross site scripting attempt
* 1:55836 <-> SERVER-WEBAPP Wordpress Nexos theme SQL injection attempt
* 1:55837 <-> SERVER-WEBAPP Wordpress Nexos theme SQL injection attempt
* 1:55838 <-> SERVER-WEBAPP Wordpress Nexos theme SQL injection attempt
* 1:55839 <-> SERVER-WEBAPP Multiple products DVR admin password leak attempt
* 1:55918 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:55919 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:55920 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:55921 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:55981 <-> SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 command injection attempt
* 1:56005 <-> SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 SQL injection attempt
* 1:56006 <-> SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 SQL injection attempt
* 1:56007 <-> SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 SQL injection attempt
* 1:56082 <-> SERVER-WEBAPP Wordpress WP Database Backup plug-in command injection attempt
* 1:56083 <-> SERVER-WEBAPP Wordpress WP Database Backup plug-in command injection attempt
* 1:56135 <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt
* 1:56136 <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt
* 1:56138 <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt
* 1:56154 <-> SERVER-WEBAPP MobileIron Core & Connector remote code execution attempt
* 1:56155 <-> SERVER-WEBAPP MobileIron Core & Connector remote code execution attempt
* 1:56162 <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt
* 1:56200 <-> SERVER-WEBAPP Oracle WebLogic Server command injection attempt
* 1:56201 <-> SERVER-WEBAPP Oracle WebLogic Server command injection attempt
* 1:56202 <-> SERVER-WEBAPP Oracle WebLogic Server command injection attempt
* 1:56203 <-> SERVER-WEBAPP Oracle WebLogic Server command injection attempt
* 1:56304 <-> SERVER-WEBAPP Microsoft SharePoint remote code execution attempt
* 1:56305 <-> SERVER-WEBAPP Microsoft SharePoint remote code execution attempt
* 1:56404 <-> SERVER-WEBAPP Cisco Security Manager XmpFileUploadServlet arbitrary JSP file upload attempt
* 1:56405 <-> SERVER-WEBAPP Cisco Security Manager XmpFileUploadServlet directory traversal attempt
* 1:56414 <-> SERVER-WEBAPP Cisco Security Manager XmpFileDownloadServlet directory traversal attempt
* 1:56415 <-> SERVER-WEBAPP Cisco Security Manager XmpFileDownloadServlet directory traversal attempt
* 1:56416 <-> SERVER-WEBAPP Cisco Security Manager XmpFileDownloadServlet directory traversal attempt
* 1:56417 <-> SERVER-WEBAPP Cisco Security Manager SampleFileDownloadServlet directory traversal attempt
* 1:56418 <-> SERVER-WEBAPP Cisco Security Manager SampleFileDownloadServlet directory traversal attempt
* 1:56419 <-> SERVER-WEBAPP Cisco Security Manager SampleFileDownloadServlet directory traversal attempt
* 1:56420 <-> SERVER-WEBAPP Cisco Security Manager resultsFrame directory traversal attempt
* 1:56421 <-> SERVER-WEBAPP Cisco Security Manager resultsFrame directory traversal attempt
* 1:56422 <-> SERVER-WEBAPP Cisco Security Manager resultsFrame directory traversal attempt
* 1:56423 <-> SERVER-WEBAPP Cisco Security Manager xdmProxy directory traversal attempt
* 1:56432 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:56433 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:56434 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:56435 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:56497 <-> SERVER-WEBAPP Multiple Products Java Faces ViewState deserialization remote code execution attempt
* 1:56519 <-> SERVER-WEBAPP WordPress plugin Autoptimize arbitrary PHP file upload attempt
* 1:56520 <-> SERVER-WEBAPP QNAP QTS and Photo Station directory traversal attempt
* 1:56521 <-> SERVER-WEBAPP QNAP QTS and Photo Station directory traversal attempt
* 1:56522 <-> SERVER-WEBAPP QNAP QTS and Photo Station directory traversal attempt
* 1:56523 <-> SERVER-WEBAPP Joomla Core Featured Article SQL injection attempt
* 1:56524 <-> SERVER-WEBAPP Joomla Core Featured Article SQL injection attempt
* 1:56525 <-> SERVER-WEBAPP Joomla Core Featured Article SQL injection attempt
* 1:56532 <-> SERVER-WEBAPP Advantech WebAccess NMS directory traversal attempt
* 1:56533 <-> SERVER-WEBAPP Advantech WebAccess NMS directory traversal attempt
* 1:56534 <-> SERVER-WEBAPP Advantech WebAccess NMS directory traversal attempt
* 1:56545 <-> SERVER-WEBAPP rConfig commands.inc.php SQL injection attempt
* 1:56550 <-> SERVER-WEBAPP Ruckus IoT Controller Web UI authentication bypass attempt
* 1:56551 <-> SERVER-WEBAPP  Ruckus IoT Controller Web UI OS username command injection attempt
* 1:56557 <-> SERVER-WEBAPP Microsoft Dynamics365 Finance and Operations remote code execution attempt
* 1:56558 <-> SERVER-WEBAPP Microsoft Dynamics365 Finance and Operations remote code execution attempt
* 1:56586 <-> SERVER-WEBAPP Zoho ManageEngine ServiceDesk Plus arbitrary JSP file upload attempt
* 1:56604 <-> SERVER-WEBAPP Microsoft Dynamics NAV remote code execution attempt
* 1:56624 <-> SERVER-WEBAPP rConfig command injection attempt
* 1:56625 <-> SERVER-WEBAPP rConfig command injection attempt
* 1:56626 <-> SERVER-WEBAPP rConfig command injection attempt
* 1:56627 <-> SERVER-WEBAPP rConfig command injection attempt
* 1:56799 <-> SERVER-WEBAPP Liferay arbitrary Java object deserialization attempt
* 1:56800 <-> SERVER-WEBAPP Liferay arbitrary Java object deserialization attempt
* 1:56823 <-> SERVER-WEBAPP Citrix CakePHP command injection attempt
* 1:56824 <-> SERVER-WEBAPP Citrix CakePHP command injection attempt
* 1:56826 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56827 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56828 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56829 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56830 <-> SERVER-WEBAPP WordPress Adning Advertising plugin arbitrary PHP file upload attempt
* 1:56831 <-> SERVER-WEBAPP WordPress Adning Advertising plugin arbitrary PHP file upload attempt
* 1:56877 <-> SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt
* 1:56878 <-> SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt
* 1:56879 <-> SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt
* 1:56880 <-> SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt
* 1:56916 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56917 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56934 <-> SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt
* 1:56935 <-> SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt
* 1:56936 <-> SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt
* 1:56937 <-> SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt
* 1:56990 <-> SERVER-WEBAPP Apache Unomi OGNL MVEL2 remote command execution attempt
* 1:57002 <-> SERVER-WEBAPP Belkin Wemo UPnP cross site scripting attempt
* 1:57048 <-> SERVER-WEBAPP SaltStack Salt API SSH Client command injection attempt
* 1:57049 <-> SERVER-WEBAPP SaltStack Salt API SSH Client command injection attempt
* 1:57072 <-> SERVER-WEBAPP Cisco RV Series Routers directory traversal attempt
* 1:57074 <-> SERVER-WEBAPP Cisco RV Series Routers directory traversal attempt
* 1:57075 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57076 <-> SERVER-WEBAPP Cisco RV Series Routers command injection attempt
* 1:57078 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57079 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57080 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57081 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57082 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57084 <-> SERVER-WEBAPP Cisco RV series routers command injection attempt
* 1:57085 <-> SERVER-WEBAPP Cisco RV series routers command injection attempt
* 1:57086 <-> SERVER-WEBAPP Cisco RV Series routers command injection attempt
* 1:57088 <-> SERVER-WEBAPP Cisco Small Business RV Series routers command injection attempt
* 1:57089 <-> SERVER-WEBAPP Cisco Small Business RV Series routers command injection attempt
* 1:57095 <-> SERVER-WEBAPP Cisco RV Series routers command injection attempt
* 1:57096 <-> SERVER-WEBAPP Cisco RV Series routers command injection attempt
* 1:57098 <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt
* 1:57099 <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt
* 1:57100 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57101 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57102 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57105 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57109 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57110 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57113 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57114 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57126 <-> SERVER-WEBAPP Monstra CMS cross-site scripting attempt
* 1:57127 <-> SERVER-WEBAPP Monstra CMS cross-site scripting attempt
* 1:57158 <-> SERVER-WEBAPP Oracle WebLogic consolejndi remote code execution attempt
* 1:57159 <-> SERVER-WEBAPP Oracle WebLogic consolejndi remote code execution attempt
* 1:57176 <-> SERVER-WEBAPP MikroTik RouterOS buffer overflow attempt
* 1:57177 <-> SERVER-WEBAPP MikroTik RouterOS buffer overflow attempt
* 1:57178 <-> SERVER-WEBAPP Monstra CMS registration form cross site scripting attempt
* 1:57179 <-> SERVER-WEBAPP Monstra CMS registration form cross site scripting attempt
* 1:57182 <-> SERVER-WEBAPP VMware administrative configurator component command injection attempt
* 1:57183 <-> SERVER-WEBAPP VMware administrative configurator component command injection attempt
* 1:57184 <-> SERVER-WEBAPP VMware administrative configurator component command injection attempt
* 1:57185 <-> SERVER-WEBAPP VMware administrative configurator component command injection attempt
* 1:57188 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center arbitrary Java object deserialization attempt
* 1:57224 <-> SERVER-WEBAPP Trend Micro Control Manager directory traversal attempt
* 1:57225 <-> SERVER-WEBAPP Trend Micro Control Manager directory traversal attempt
* 1:57226 <-> SERVER-WEBAPP Trend Micro Control Manager directory traversal attempt
* 1:57229 <-> SERVER-WEBAPP VMware vSphere Client vROPs plugin remote code execution attempt
* 1:57241 <-> SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt
* 1:57242 <-> SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt
* 1:57243 <-> SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt
* 1:57244 <-> SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt
* 1:57245 <-> SERVER-WEBAPP Microsoft Exchange Server arbitrary file write attempt
* 1:57246 <-> SERVER-WEBAPP Microsoft Exchange Server arbitrary file write attempt
* 1:57275 <-> SERVER-WEBAPP ysoserial TypeConfuseDelegate deserialization exploit attempt
* 1:57276 <-> SERVER-WEBAPP Microsoft SharePoint potential deserialization attempt
* 1:57283 <-> SERVER-WEBAPP Liferay arbitrary Java object deserialization attempt
* 1:57298 <-> SERVER-WEBAPP F5 iControl REST interface command injection attempt
* 1:57324 <-> SERVER-WEBAPP Netis WF2419 router command injection attempt
* 1:57325 <-> SERVER-WEBAPP Netis WF2419 router command injection attempt
* 1:57326 <-> SERVER-WEBAPP Netis WF2419 router command injection attempt
* 1:57327 <-> SERVER-WEBAPP Netis WF2419 router command injection attempt
* 1:57328 <-> SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt
* 1:57329 <-> SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt
* 1:57330 <-> SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt
* 1:57331 <-> SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt
* 1:57332 <-> SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt
* 1:57333 <-> SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt
* 1:57334 <-> SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt
* 1:57335 <-> SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt
* 1:57337 <-> SERVER-WEBAPP F5 iControl REST interface ssrf attempt
* 1:57389 <-> SERVER-WEBAPP Advantech iView DeviceTreeTable directory traversal attempt
* 1:57390 <-> SERVER-WEBAPP Advantech iView DeviceTreeTable directory traversal attempt
* 1:57391 <-> SERVER-WEBAPP Advantech iView DeviceTreeTable directory traversal attempt
* 1:57406 <-> SERVER-WEBAPP Palo Alto Networks management interface command injection attempt
* 1:57407 <-> SERVER-WEBAPP Palo Alto Networks management interface command injection attempt
* 1:57408 <-> SERVER-WEBAPP Palo Alto Networks management interface command injection attempt
* 1:57409 <-> SERVER-WEBAPP Palo Alto Networks management interface command injection attempt
* 1:57412 <-> SERVER-WEBAPP Nagios XI do_update_user SQL injection attempt
* 1:57413 <-> SERVER-WEBAPP Nagios XI do_update_user SQL injection attempt
* 1:57426 <-> SERVER-WEBAPP Zend and laminas-http frameworks streamName PHP object injection attempt
* 1:57434 <-> SERVER-WEBAPP VMware vRealize Operations Manager directory traversal attempt
* 1:57435 <-> SERVER-WEBAPP VMware vRealize Operations Manager SSRF attempt
* 1:57436 <-> SERVER-WEBAPP VMware View Planner logupload directory traversal attempt
* 1:57437 <-> SERVER-WEBAPP VMware View Planner logupload directory traversal attempt
* 1:57438 <-> SERVER-WEBAPP VMware View Planner logupload arbitrary file upload attempt
* 1:57439 <-> SERVER-WEBAPP VMware View Planner logupload arbitrary file upload attempt
* 1:57442 <-> SERVER-WEBAPP Terramaster TOS command injection attempt
* 1:57443 <-> SERVER-WEBAPP Terramaster TOS command injection attempt
* 1:57444 <-> SERVER-WEBAPP Terramaster TOS command injection attempt
* 1:57445 <-> SERVER-WEBAPP Terramaster TOS command injection attempt
* 1:57449 <-> SERVER-WEBAPP F5 TMM crafted IPv6 URI buffer overflow attempt
* 1:57453 <-> SERVER-WEBAPP Pulse Connect Secure remote code execution attempt
* 1:57481 <-> SERVER-WEBAPP ManageEngine OpManager directory traversal attempt
* 1:57482 <-> SERVER-WEBAPP ManageEngine OpManager directory traversal attempt
* 1:57483 <-> SERVER-WEBAPP ManageEngine OpManager directory traversal attempt
* 1:57487 <-> SERVER-WEBAPP Microsoft Exchange MeetingHandler remote code execution attempt
* 1:57490 <-> SERVER-WEBAPP Klog Server authenticate.php user command injection attempt
* 1:57491 <-> SERVER-WEBAPP Klog Server authenticate.php user command injection attempt
* 1:57492 <-> SERVER-WEBAPP Klog Server authenticate.php user command injection attempt
* 1:57493 <-> SERVER-WEBAPP Klog Server authenticate.php user command injection attempt
* 1:57494 <-> SERVER-WEBAPP Micro Focus Operations Bridge Manager remote code execution attempt
* 1:57500 <-> SERVER-WEBAPP HPE Intelligent Management Center IccSelectDevTypeBean Expression Language Injection Java expression language injection attempt
* 1:57511 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57512 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57513 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57514 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57515 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57516 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57517 <-> SERVER-WEBAPP Serendipity index.php SQL injection attempt
* 1:57518 <-> SERVER-WEBAPP Serendipity index.php SQL injection attempt
* 1:57519 <-> SERVER-WEBAPP Serendipity index.php SQL injection attempt
* 1:57548 <-> SERVER-WEBAPP Microsoft SharePoint authenticated remote code execution attempt
* 1:57570 <-> SERVER-WEBAPP WordPRess DZS Video Gallery directory traversal attempt
* 1:57571 <-> SERVER-WEBAPP WordPRess DZS Video Gallery directory traversal attempt
* 1:57572 <-> SERVER-WEBAPP WordPRess DZS Video Gallery directory traversal attempt
* 1:57573 <-> SERVER-WEBAPP WordPress DZS Video Gallery remote file include attempt
* 1:57574 <-> SERVER-WEBAPP WordPress DZS Video Gallery remote file include attempt
* 1:57720 <-> SERVER-WEBAPP VMWare vSphere Client remote code execution attempt
* 1:57761 <-> SERVER-WEBAPP TP-Link WiFi router authenticated PingIframeRpm stack buffer overflow attempt
* 1:57762 <-> SERVER-WEBAPP TP-Link WiFi router authenticated WanStaticIpV6CfgRpm stack buffer overflow attempt
* 1:57809 <-> SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt
* 1:57810 <-> SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt
* 1:57811 <-> SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt
* 1:57812 <-> SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt
* 1:57834 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center remote code execution attempt
* 1:57841 <-> SERVER-WEBAPP Nagios Fusion command injection attempt
* 1:57856 <-> SERVER-WEBAPP Cisco ASA cross site scripting attempt
* 1:57857 <-> SERVER-WEBAPP Cisco ASA cross site scripting attempt
* 1:57860 <-> SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt
* 1:57861 <-> SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt
* 1:57862 <-> SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt
* 1:57863 <-> SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt
* 1:57872 <-> SERVER-WEBAPP Facade Ignition remote code execution attempt
* 1:57902 <-> SERVER-WEBAPP HPE Systems Insight Manager remote code execution attempt
* 1:57906 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:57907 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:57908 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:57909 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:57910 <-> SERVER-WEBAPP Microsoft SharePoint Server authenticated remote code execution attempt
* 1:57911 <-> SERVER-WEBAPP Nagios XI monitoringplugins.php command injection attempt
* 1:57912 <-> SERVER-WEBAPP ForgeRock Open Access Manager remote code execution attempt
* 1:57913 <-> SERVER-WEBAPP ForgeRock Open Access Manager remote code execution attempt
* 1:57954 <-> SERVER-WEBAPP Velocloud VMware SD-WAN Orchestrator SQL injection attempt
* 1:57983 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:58018 <-> SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt
* 1:58019 <-> SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt
* 1:58020 <-> SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt
* 1:58021 <-> SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt
* 1:58026 <-> SERVER-WEBAPP Zoho ManageEngine OpManager OPMDeviceDetailsServlet SQL injection attempt
* 1:58027 <-> SERVER-WEBAPP Zoho ManageEngine OpManager OPMDeviceDetailsServlet SQL injection attempt
* 1:58028 <-> SERVER-WEBAPP Zoho ManageEngine OpManager OPMDeviceDetailsServlet SQL injection attempt
* 1:58042 <-> SERVER-WEBAPP Serv-U FTP Server stored cross site scripting attempt
* 1:58043 <-> SERVER-WEBAPP Serv-U FTP Server stored cross site scripting attempt
* 1:58052 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58053 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58054 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58055 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58056 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58057 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58058 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58059 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58063 <-> SERVER-WEBAPP Kentico CMS unsafe deserialization remote code execution attempt
* 1:58064 <-> SERVER-WEBAPP Kentico CMS unsafe deserialization remote code execution attempt
* 1:58067 <-> SERVER-WEBAPP Apache Flink FileUploadHandler directory traversal attempt
* 1:58068 <-> SERVER-WEBAPP Apache Flink FileUploadHandler directory traversal attempt
* 1:58069 <-> SERVER-WEBAPP Apache Flink FileUploadHandler directory traversal attempt
* 1:58093 <-> SERVER-WEBAPP Atlassian Confluence OGNL injection remote code execution attempt
* 1:58094 <-> SERVER-WEBAPP Atlassian Confluence OGNL injection remote code execution attempt
* 1:58111 <-> SERVER-WEBAPP Microsoft SharePoint remote code execution attempt
* 1:58112 <-> SERVER-WEBAPP Microsoft SharePoint remote code execution attempt
* 1:58113 <-> SERVER-WEBAPP Microsoft SharePoint machinekey information disclosure attempt
* 1:58169 <-> SERVER-WEBAPP Microsoft Windows Open Management Infrastructure remote code execution attempt
* 1:58170 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt
* 1:58171 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt
* 1:58172 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt
* 1:58173 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt
* 1:58201 <-> SERVER-WEBAPP Zoho ManageEngine ADSelfService Plus RestAPI authentication bypass attempt
* 1:58217 <-> SERVER-WEBAPP VMware vCenter Server remote code execution attempt
* 1:58218 <-> SERVER-WEBAPP VMware vCenter Server file upload attempt
* 1:58219 <-> SERVER-WEBAPP VMware vCenter Server file upload attempt
* 1:58224 <-> SERVER-WEBAPP SonicWall SMA100 SQL injection attempt
* 1:58225 <-> SERVER-WEBAPP SonicWall SMA100 SQL injection attempt
* 1:58226 <-> SERVER-WEBAPP SonicWall SMA100 SQL injection attempt
* 1:58227 <-> SERVER-WEBAPP Dell EMC Virtual Appliance Manager undocumented credential use attempt
* 1:58230 <-> SERVER-WEBAPP QNAP NAS Malware Remover directory traversal attempt
* 1:58231 <-> SERVER-WEBAPP QNAP NAS Malware Remover directory traversal attempt
* 1:58232 <-> SERVER-WEBAPP QNAP NAS Malware Remover directory traversal attempt
* 1:58242 <-> SERVER-WEBAPP Sophos XG Firewall SQL injection attempt
* 1:58245 <-> SERVER-WEBAPP UDP Technology IP Camera command injection attempt
* 1:58246 <-> SERVER-WEBAPP UDP Technology IP Camera command injection attempt
* 1:58247 <-> SERVER-WEBAPP UDP Technology IP Camera command injection attempt
* 1:58248 <-> SERVER-WEBAPP UDP Technology IP Camera command injection attempt
* 1:58249 <-> SERVER-WEBAPP Microsoft Exchange server security feature bypass attempt
* 1:58260 <-> SERVER-WEBAPP AlienVault Unified Security Management SQL injection attempt
* 1:58261 <-> SERVER-WEBAPP AlienVault Unified Security Management SQL injection attempt
* 1:58262 <-> SERVER-WEBAPP AlienVault Unified Security Management SQL injection attempt
* 1:58263 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58264 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58265 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58266 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58267 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58268 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58269 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:58270 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:58271 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:58272 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:58273 <-> SERVER-WEBAPP QNAP HBS 3 authorization bypass attempt
* 1:58274 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center faultDevParasSet expression language injection attempt
* 1:58275 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center faultDevParasSet expression language injection attempt
* 1:58282 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center perfAddFormServer Java expression language injection attempt
* 1:58283 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center perfSelItemServer Java expression language injection attempt
* 1:58284 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center FileUploadServlet Unrestricted arbitrary JSP file upload attempt
* 1:58285 <-> SERVER-WEBAPP Trend Micro Control Manager ProductTree_RightWindow XML external entity injection attempt
* 1:58290 <-> SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt
* 1:58291 <-> SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt
* 1:58292 <-> SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt
* 1:58293 <-> SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt
* 1:58315 <-> SERVER-WEBAPP Microsoft SharePoint Server remote code execution attempt
* 1:58316 <-> SERVER-WEBAPP Microsoft SharePoint Server remote code execution attempt
* 1:58318 <-> SERVER-WEBAPP Microsoft SharePoint Server remote code execution attempt
* 1:58320 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formChangePass username SQL injection attempt
* 1:58321 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formChangePass username SQL injection attempt
* 1:58322 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formChangePass username SQL injection attempt
* 1:58323 <-> SERVER-WEBAPP Advantech WebAccess Node Quality ItemGroupIdAry SQL injection attempt
* 1:58324 <-> SERVER-WEBAPP Advantech WebAccess Node Quality ItemGroupIdAry SQL injection attempt
* 1:58325 <-> SERVER-WEBAPP Advantech WebAccess Node Quality ItemGroupIdAry SQL injection attempt
* 1:58326 <-> SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt
* 1:58327 <-> SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt
* 1:58328 <-> SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt
* 1:58329 <-> SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt
* 1:58330 <-> SERVER-WEBAPP Advantech WebAccess Node controlNode bnid SQL injection attempt
* 1:58331 <-> SERVER-WEBAPP Advantech WebAccess Node controlNode bnid SQL injection attempt
* 1:58332 <-> SERVER-WEBAPP Advantech WebAccess Node controlNode bnid SQL injection attempt
* 1:58333 <-> SERVER-WEBAPP Trend Micro Control Manager DeploymentPlan_Event_Handler XML external entity injection attempt
* 1:58337 <-> SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt
* 1:58338 <-> SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt
* 1:58339 <-> SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt
* 1:58340 <-> SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt
* 1:58341 <-> SERVER-WEBAPP PHPMyAdmin SearchController SQL injection attempt
* 1:58342 <-> SERVER-WEBAPP PHPMyAdmin SearchController SQL injection attempt
* 1:58343 <-> SERVER-WEBAPP PHPMyAdmin SearchController SQL injection attempt
* 1:58352 <-> SERVER-WEBAPP GE MDS PulseNET IntegrationXMLProcessorServlet UpdateProblemTickets XML external entity injection attempt
* 1:58353 <-> SERVER-WEBAPP Advantech WebAccess Node Quality_Reg ItemIdAry SQL injection attempt
* 1:58355 <-> SERVER-WEBAPP GE MDS PulseNET HealthCheck arbitrary Java object deserialization attempt
* 1:58362 <-> SERVER-WEBAPP Advantech WebAccess Node BWSCADASoap ProjectName SQL injection attempt
* 1:58375 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center iccSelectCommand expression language injection attempt
* 1:58376 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center iccSelectCommand expression language injection attempt
* 1:58377 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center eventInfo_content expression language injection attempt
* 1:58378 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center eventInfo_content expression language injection attempt
* 1:58379 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center devSoftSel Java expression language injection attempt
* 1:58380 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center devSoftSel Java expression language injection attempt
* 1:58381 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formConfiguration saveValue SQL injection attempt
* 1:58382 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formConfiguration saveValue SQL injection attempt
* 1:58383 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formConfiguration saveValue SQL injection attempt
* 1:58384 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center operationSelect Java expression language injection attempt
* 1:58385 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center operationSelect Java expression language injection attempt
* 1:58388 <-> SERVER-WEBAPP ARRIS VAP2500 config_wds command injection attempt
* 1:58396 <-> SERVER-WEBAPP Nagios XI PHP file injection attempt
* 1:58397 <-> SERVER-WEBAPP Nagios XI PHP file injection attempt
* 1:58398 <-> SERVER-WEBAPP Nagios XI PHP file injection attempt
* 1:58399 <-> SERVER-WEBAPP Nagios XI directory traversal attempt
* 1:58400 <-> SERVER-WEBAPP Nagios XI directory traversal attempt
* 1:58401 <-> SERVER-WEBAPP Nagios XI directory traversal attempt
* 1:58403 <-> SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt
* 1:58404 <-> SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt
* 1:58405 <-> SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt
* 1:58406 <-> SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt
* 1:58407 <-> SERVER-WEBAPP Nagios XI bulk modification tool SQL injection attempt
* 1:58408 <-> SERVER-WEBAPP Nagios XI bulk modification tool SQL injection attempt
* 1:58409 <-> SERVER-WEBAPP Nagios XI bulk modification tool SQL injection attempt
* 1:58410 <-> SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt
* 1:58411 <-> SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt
* 1:58412 <-> SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt
* 1:58413 <-> SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt
* 1:58418 <-> SERVER-WEBAPP ReadyDesk 9.1 OpenAttach2 directory traversal attempt
* 1:58419 <-> SERVER-WEBAPP ReadyDesk 9.1 OpenAttach2 directory traversal attempt
* 1:58420 <-> SERVER-WEBAPP ReadyDesk 9.1 OpenAttach2 directory traversal attempt
* 1:58421 <-> SERVER-WEBAPP BillQuick Web Suite SQL injection attempt
* 1:58422 <-> SERVER-WEBAPP BillQuick Web Suite SQL injection attempt
* 1:58423 <-> SERVER-WEBAPP BillQuick Web Suite SQL injection attempt
* 1:58424 <-> SERVER-WEBAPP Schneider Electric Umotion Builder Virtual Appliance Css directory traversal attempt
* 1:58425 <-> SERVER-WEBAPP Schneider Electric Umotion Builder Virtual Appliance Css directory traversal attempt
* 1:58426 <-> SERVER-WEBAPP Schneider Electric Umotion Builder Virtual Appliance Css directory traversal attempt
* 1:58427 <-> SERVER-WEBAPP Trend Micro Control Manager widget_old_SP1 dlp_policy directory traversal attempt
* 1:58428 <-> SERVER-WEBAPP Trend Micro Control Manager Widget modDLPViolationCntdrildown.php directory traversal attempt
* 1:58454 <-> SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt
* 1:58455 <-> SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt
* 1:58456 <-> SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt
* 1:58457 <-> SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt
* 1:58464 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance File Deletion directory traversal attempt
* 1:58465 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance File Deletion directory traversal attempt
* 1:58466 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance File Deletion directory traversal attempt
* 1:58467 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance directory traversal attempt
* 1:58468 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance directory traversal attempt
* 1:58469 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance directory traversal attempt
* 1:58470 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector Virtual Appliance policy_setting arbitrary PHP file upload attempt
* 1:58471 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:58472 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:58473 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:58475 <-> SERVER-WEBAPP Oracle WebLogic Server DeploymentService directory traversal attempt
* 1:58476 <-> SERVER-WEBAPP Oracle WebLogic Server DeploymentService directory traversal attempt
* 1:58487 <-> SERVER-WEBAPP WordPress Snap Creek Duplicator and Duplicator Pro plugins directory traversal attempt
* 1:58499 <-> SERVER-WEBAPP Zyxel Unified Security Gateway undocumented administrator account login attempt
* 1:58500 <-> SERVER-WEBAPP Zyxel Unified Security Gateway undocumented administrator account login attempt
* 1:58502 <-> SERVER-WEBAPP SonicWall Email Security directory traversal attempt
* 1:58503 <-> SERVER-WEBAPP SonicWall Email Security directory traversal attempt
* 1:58504 <-> SERVER-WEBAPP SonicWall Email Security directory traversal attempt
* 1:58505 <-> SERVER-WEBAPP Tenda Router command injection attempt
* 1:58506 <-> SERVER-WEBAPP Tenda Router command injection attempt
* 1:58507 <-> SERVER-WEBAPP Tenda Router command injection attempt
* 1:58508 <-> SERVER-WEBAPP Tenda Router command injection attempt
* 1:58509 <-> SERVER-WEBAPP Accellion File Transfer Appliance SQL injection attempt
* 1:58510 <-> SERVER-WEBAPP EyesOfNetwork SQL injection attempt
* 1:58511 <-> SERVER-WEBAPP EyesOfNetwork SQL injection attempt
* 1:58512 <-> SERVER-WEBAPP EyesOfNetwork SQL injection attempt
* 1:58513 <-> SERVER-WEBAPP Advantech WebAccess updateTemplate SQL injection attempt
* 1:58514 <-> SERVER-WEBAPP EyesOfNetwork autodiscovery command injection attempt
* 1:58515 <-> SERVER-WEBAPP EyesOfNetwork autodiscovery command injection attempt
* 1:58517 <-> SERVER-WEBAPP GE MDS PulseNET IntegrationXMLProcessorServlet AlarmActions XML external entity injection attempt
* 1:58521 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center perfInsListServer Java expression language injection attempt
* 1:58522 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php command injection attempt
* 1:58523 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php command injection attempt
* 1:58525 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center directory traversal attempt
* 1:58529 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58530 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58531 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58532 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58533 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58538 <-> SERVER-WEBAPP Arcadyan routers path traversal attempt
* 1:58542 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet EmailMessageDetected SQL injection attempt
* 1:58543 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet EmailMessageDetected SQL injection attempt
* 1:58544 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet EmailMessageDetected SQL injection attempt
* 1:58546 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center TopoBroadcastServlet arbitrary Java object deserialization attempt
* 1:58555 <-> SERVER-WEBAPP Hikvision webLanguage command injection vulnerability
* 1:58562 <-> SERVER-WEBAPP Oracle WebLogic Server remote code execution attempt
* 1:58563 <-> SERVER-WEBAPP GE MDS PulseNET foglight service arbitrary Java object deserialization attempt
* 1:58567 <-> SERVER-WEBAPP Roundcube Webmail file disclosure attempt
* 1:58568 <-> SERVER-WEBAPP Roundcube Webmail file disclosure attempt
* 1:58569 <-> SERVER-WEBAPP Roundcube Webmail file disclosure attempt
* 1:58576 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt
* 1:58577 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt
* 1:58578 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt
* 1:58579 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt
* 1:58588 <-> SERVER-WEBAPP SolarWinds Network Configuration Manager remote file include attempt
* 1:58589 <-> SERVER-WEBAPP SolarWinds Network Configuration Manager remote file include attempt
* 1:58592 <-> SERVER-WEBAPP SaltStack pillar_roots directory traversal attempt
* 1:58593 <-> SERVER-WEBAPP SaltStack pillar_roots directory traversal attempt
* 1:58594 <-> SERVER-WEBAPP SaltStack pillar_roots directory traversal attempt
* 1:58595 <-> SERVER-WEBAPP OpenEMR backup.php command injection attempt
* 1:58596 <-> SERVER-WEBAPP OpenEMR backup.php command injection attempt
* 1:58605 <-> SERVER-WEBAPP Citrix StoreFront Server XML external entity injection attempt
* 1:58606 <-> SERVER-WEBAPP SAP NetWeaver AS JAVA CRM log injection attempt
* 1:58607 <-> SERVER-WEBAPP SAP NetWeaver AS JAVA CRM log injection attempt
* 1:58608 <-> SERVER-WEBAPP SAP NetWeaver AS JAVA CRM log injection attempt
* 1:66336 <-> SERVER-WEBAPP FlowiseAI Flowise arbitrary code execution attempt

3900

2026-04-23 13:35:22 UTC

Snort Subscriber Rules Update

Date: 2026-04-22-001

This is the complete list of rules modified and added in the Cisco Talos Certified rule pack for Snort version 3.9.0.0.

The format of the file is:

gid:sid <-> Message

New Rules:

* 1:66354 <-> SERVER-WEBAPP WordPress SEO Plugin SQL injection attempt
* 1:66355 <-> SERVER-WEBAPP WordPress SEO Plugin SQL injection attempt
* 1:66356 <-> SERVER-WEBAPP WordPress SEO Plugin SQL injection attempt
* 1:66357 <-> SERVER-WEBAPP WordPress My Calendar Plugin SQL injection attempt
* 1:66358 <-> SERVER-WEBAPP WordPress My Calendar Plugin SQL injection attempt
* 1:66359 <-> SERVER-WEBAPP WordPress My Calendar Plugin SQL injection attempt
* 1:66360 <-> SERVER-WEBAPP WordPress WP Statistics Plugin SQL injection attempt
* 1:66361 <-> SERVER-WEBAPP WordPress WP Statistics Plugin SQL injection attempt
* 1:66362 <-> SERVER-WEBAPP WordPress WP Statistics Plugin SQL injection attempt
* 1:66363 <-> SERVER-WEBAPP WordPress Photo Gallery Plugin SQL injection attempt
* 1:66364 <-> SERVER-WEBAPP WordPress Photo Gallery Plugin SQL injection attempt
* 1:66365 <-> SERVER-WEBAPP WordPress Photo Gallery Plugin SQL injection attempt
* 1:66366 <-> SERVER-WEBAPP Arcserve UDP ASNative.dll denial of service attempt
* 1:66367 <-> SERVER-WEBAPP Kentico Xperience webshell upload attempt
* 1:66368 <-> SERVER-WEBAPP SonicWall GMS SQL injection attempt
* 1:66369 <-> SERVER-WEBAPP SonicWall GMS SQL injection attempt
* 1:66370 <-> SERVER-WEBAPP SonicWall GMS SQL injection attempt
* 1:66371 <-> SERVER-WEBAPP Netgear ProSAFE NMS300 SQL injection attempt
* 1:66372 <-> SERVER-WEBAPP Netgear ProSAFE NMS300 SQL injection attempt
* 1:66373 <-> SERVER-WEBAPP Netgear ProSAFE NMS300 SQL injection attempt
* 1:66374 <-> SERVER-WEBAPP Yawave WordPress Plugin SQL injection attempt
* 1:66375 <-> SERVER-WEBAPP Yawave WordPress Plugin SQL injection attempt
* 1:66376 <-> SERVER-WEBAPP Yawave WordPress Plugin SQL injection attempt
* 3:66377 <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2026-2379 attack attempt
* 3:66378 <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2026-2379 attack attempt
* 3:66379 <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2026-2379 attack attempt
* 3:66380 <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2026-2379 attack attempt

Modified Rules:

* 1:53688 <-> SERVER-WEBAPP Adobe Experience Manager server side request forgery attempt
* 1:53733 <-> SERVER-WEBAPP IBM Data Risk Manager directory traversal attempt
* 1:53734 <-> SERVER-WEBAPP IBM Data Risk Manager nmap scan command execution attempt
* 1:53857 <-> SERVER-WEBAPP Grandstream UCM6202 series SQL injection attempt
* 1:53858 <-> SERVER-WEBAPP Grandstream UCM6202 series SQL injection attempt
* 1:53859 <-> SERVER-WEBAPP Grandstream UCM6202 series SQL injection attempt
* 1:53860 <-> SERVER-WEBAPP Centurylink router unauthenticated administrator account disable attempt
* 1:53967 <-> SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt
* 1:53968 <-> SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt
* 1:53969 <-> SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt
* 1:53970 <-> SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt
* 1:54003 <-> SERVER-WEBAPP Axway SecureTransport XML external entity injection attempt
* 1:54012 <-> SERVER-WEBAPP ASUS ASUSWRT appGet.cgi command injection attempt
* 1:54195 <-> SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt
* 1:54196 <-> SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt
* 1:54197 <-> SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt
* 1:54198 <-> SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt
* 1:54272 <-> SERVER-WEBAPP Centreon Monitoring tool command injection attempt
* 1:54273 <-> SERVER-WEBAPP Centreon Monitoring tool command injection attempt
* 1:54405 <-> SERVER-WEBAPP PHP php_strip_tags_ex function out-of-bounds read attempt
* 1:54462 <-> SERVER-WEBAPP F5 BIG-IP Traffic Management User Interface remote code execution attempt
* 1:54484 <-> SERVER-WEBAPP F5 BIG-IP Traffic Management User Interface remote code execution attempt
* 1:54511 <-> SERVER-WEBAPP Microsoft Windows .NET API XML unsafe deserialization attempt
* 1:54556 <-> SERVER-WEBAPP BSA Radar local file inclusion attempt
* 1:54558 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54559 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54565 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54566 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54567 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54569 <-> SERVER-WEBAPP Barangay Management System SQL injection attempt
* 1:54570 <-> SERVER-WEBAPP Barangay Management System SQL injection attempt
* 1:54596 <-> SERVER-WEBAPP WordPress bbPress plugin unauthenticated privilege escalation attempt
* 1:54597 <-> SERVER-WEBAPP WordPress bbPress plugin unauthenticated privilege escalation attempt
* 1:54602 <-> SERVER-WEBAPP Laravel Framework PendingCommand arbitrary command execution attempt
* 1:54603 <-> SERVER-WEBAPP Laravel Framework PendingCommand arbitrary command execution attempt
* 1:54617 <-> SERVER-WEBAPP GeoVision Door Access Control hidden url access attempt
* 1:54629 <-> SERVER-WEBAPP Microsoft Windows .NET API XML unsafe deserialization attempt
* 1:54649 <-> SERVER-WEBAPP Apache Kylin REST API migrate command injection attempt
* 1:54650 <-> SERVER-WEBAPP Apache Kylin REST API migrate command injection attempt
* 1:54670 <-> SERVER-WEBAPP Rockwell FactoryTalk View SE project list disclosure attempt
* 1:54671 <-> SERVER-WEBAPP Rockwell FactoryTalk View SE project information disclosure attempt
* 1:54672 <-> SERVER-WEBAPP Rockwell FactoryTalk View SE remote code execution attempt
* 1:54674 <-> SERVER-WEBAPP Rockwell FactoryTalk View SE remote project copy attempt
* 1:54684 <-> SERVER-WEBAPP Microsoft Windows .NET API XML unsafe deserialization attempt
* 1:54767 <-> SERVER-WEBAPP vBulletin template rendering arbitrary PHP code execution attempt
* 1:54768 <-> SERVER-WEBAPP vBulletin template rendering arbitrary PHP code execution attempt
* 1:54794 <-> SERVER-WEBAPP Zeroshell Linux Router command injection attempt
* 1:54795 <-> SERVER-WEBAPP Zeroshell Linux Router command injection attempt
* 1:54796 <-> SERVER-WEBAPP Zeroshell Linux Router command injection attempt
* 1:54797 <-> SERVER-WEBAPP Zeroshell Linux Router command injection attempt
* 1:54824 <-> SERVER-WEBAPP Intellian Aptus Web arbitrary command execution attempt
* 1:55778 <-> SERVER-WEBAPP Wordpress File Manager plugin elFinder remote code execution attempt
* 1:55797 <-> SERVER-WEBAPP Wordpress plugin WP Database Reset database reset attempt
* 1:55823 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:55824 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:55825 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:55826 <-> SERVER-WEBAPP Microsoft Exchange Server DlpUtils remote code execution attempt
* 1:55827 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet multiple functions SQL injection attempt
* 1:55828 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet multiple functions SQL injection attempt
* 1:55829 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet multiple functions SQL injection attempt
* 1:55834 <-> SERVER-WEBAPP Wordpress Nexos theme cross site scripting attempt
* 1:55835 <-> SERVER-WEBAPP Wordpress Nexos theme cross site scripting attempt
* 1:55836 <-> SERVER-WEBAPP Wordpress Nexos theme SQL injection attempt
* 1:55837 <-> SERVER-WEBAPP Wordpress Nexos theme SQL injection attempt
* 1:55838 <-> SERVER-WEBAPP Wordpress Nexos theme SQL injection attempt
* 1:55839 <-> SERVER-WEBAPP Multiple products DVR admin password leak attempt
* 1:55918 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:55919 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:55920 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:55921 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:55981 <-> SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 command injection attempt
* 1:56005 <-> SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 SQL injection attempt
* 1:56006 <-> SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 SQL injection attempt
* 1:56007 <-> SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 SQL injection attempt
* 1:56082 <-> SERVER-WEBAPP Wordpress WP Database Backup plug-in command injection attempt
* 1:56083 <-> SERVER-WEBAPP Wordpress WP Database Backup plug-in command injection attempt
* 1:56135 <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt
* 1:56136 <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt
* 1:56138 <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt
* 1:56154 <-> SERVER-WEBAPP MobileIron Core & Connector remote code execution attempt
* 1:56155 <-> SERVER-WEBAPP MobileIron Core & Connector remote code execution attempt
* 1:56162 <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt
* 1:56200 <-> SERVER-WEBAPP Oracle WebLogic Server command injection attempt
* 1:56201 <-> SERVER-WEBAPP Oracle WebLogic Server command injection attempt
* 1:56202 <-> SERVER-WEBAPP Oracle WebLogic Server command injection attempt
* 1:56203 <-> SERVER-WEBAPP Oracle WebLogic Server command injection attempt
* 1:56304 <-> SERVER-WEBAPP Microsoft SharePoint remote code execution attempt
* 1:56305 <-> SERVER-WEBAPP Microsoft SharePoint remote code execution attempt
* 1:56404 <-> SERVER-WEBAPP Cisco Security Manager XmpFileUploadServlet arbitrary JSP file upload attempt
* 1:56405 <-> SERVER-WEBAPP Cisco Security Manager XmpFileUploadServlet directory traversal attempt
* 1:56414 <-> SERVER-WEBAPP Cisco Security Manager XmpFileDownloadServlet directory traversal attempt
* 1:56415 <-> SERVER-WEBAPP Cisco Security Manager XmpFileDownloadServlet directory traversal attempt
* 1:56416 <-> SERVER-WEBAPP Cisco Security Manager XmpFileDownloadServlet directory traversal attempt
* 1:56417 <-> SERVER-WEBAPP Cisco Security Manager SampleFileDownloadServlet directory traversal attempt
* 1:56418 <-> SERVER-WEBAPP Cisco Security Manager SampleFileDownloadServlet directory traversal attempt
* 1:56419 <-> SERVER-WEBAPP Cisco Security Manager SampleFileDownloadServlet directory traversal attempt
* 1:56420 <-> SERVER-WEBAPP Cisco Security Manager resultsFrame directory traversal attempt
* 1:56421 <-> SERVER-WEBAPP Cisco Security Manager resultsFrame directory traversal attempt
* 1:56422 <-> SERVER-WEBAPP Cisco Security Manager resultsFrame directory traversal attempt
* 1:56423 <-> SERVER-WEBAPP Cisco Security Manager xdmProxy directory traversal attempt
* 1:56432 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:56433 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:56434 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:56435 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:56497 <-> SERVER-WEBAPP Multiple Products Java Faces ViewState deserialization remote code execution attempt
* 1:56519 <-> SERVER-WEBAPP WordPress plugin Autoptimize arbitrary PHP file upload attempt
* 1:56520 <-> SERVER-WEBAPP QNAP QTS and Photo Station directory traversal attempt
* 1:56521 <-> SERVER-WEBAPP QNAP QTS and Photo Station directory traversal attempt
* 1:56522 <-> SERVER-WEBAPP QNAP QTS and Photo Station directory traversal attempt
* 1:56523 <-> SERVER-WEBAPP Joomla Core Featured Article SQL injection attempt
* 1:56524 <-> SERVER-WEBAPP Joomla Core Featured Article SQL injection attempt
* 1:56525 <-> SERVER-WEBAPP Joomla Core Featured Article SQL injection attempt
* 1:56532 <-> SERVER-WEBAPP Advantech WebAccess NMS directory traversal attempt
* 1:56533 <-> SERVER-WEBAPP Advantech WebAccess NMS directory traversal attempt
* 1:56534 <-> SERVER-WEBAPP Advantech WebAccess NMS directory traversal attempt
* 1:56545 <-> SERVER-WEBAPP rConfig commands.inc.php SQL injection attempt
* 1:56550 <-> SERVER-WEBAPP Ruckus IoT Controller Web UI authentication bypass attempt
* 1:56551 <-> SERVER-WEBAPP  Ruckus IoT Controller Web UI OS username command injection attempt
* 1:56557 <-> SERVER-WEBAPP Microsoft Dynamics365 Finance and Operations remote code execution attempt
* 1:56558 <-> SERVER-WEBAPP Microsoft Dynamics365 Finance and Operations remote code execution attempt
* 1:56586 <-> SERVER-WEBAPP Zoho ManageEngine ServiceDesk Plus arbitrary JSP file upload attempt
* 1:56604 <-> SERVER-WEBAPP Microsoft Dynamics NAV remote code execution attempt
* 1:56624 <-> SERVER-WEBAPP rConfig command injection attempt
* 1:56625 <-> SERVER-WEBAPP rConfig command injection attempt
* 1:56626 <-> SERVER-WEBAPP rConfig command injection attempt
* 1:56627 <-> SERVER-WEBAPP rConfig command injection attempt
* 1:56799 <-> SERVER-WEBAPP Liferay arbitrary Java object deserialization attempt
* 1:56800 <-> SERVER-WEBAPP Liferay arbitrary Java object deserialization attempt
* 1:56823 <-> SERVER-WEBAPP Citrix CakePHP command injection attempt
* 1:56824 <-> SERVER-WEBAPP Citrix CakePHP command injection attempt
* 1:56826 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56827 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56828 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56829 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56830 <-> SERVER-WEBAPP WordPress Adning Advertising plugin arbitrary PHP file upload attempt
* 1:56831 <-> SERVER-WEBAPP WordPress Adning Advertising plugin arbitrary PHP file upload attempt
* 1:56877 <-> SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt
* 1:56878 <-> SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt
* 1:56879 <-> SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt
* 1:56880 <-> SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt
* 1:56916 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56917 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56934 <-> SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt
* 1:56935 <-> SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt
* 1:56936 <-> SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt
* 1:56937 <-> SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt
* 1:56990 <-> SERVER-WEBAPP Apache Unomi OGNL MVEL2 remote command execution attempt
* 1:57002 <-> SERVER-WEBAPP Belkin Wemo UPnP cross site scripting attempt
* 1:57048 <-> SERVER-WEBAPP SaltStack Salt API SSH Client command injection attempt
* 1:57049 <-> SERVER-WEBAPP SaltStack Salt API SSH Client command injection attempt
* 1:57072 <-> SERVER-WEBAPP Cisco RV Series Routers directory traversal attempt
* 1:57074 <-> SERVER-WEBAPP Cisco RV Series Routers directory traversal attempt
* 1:57075 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57076 <-> SERVER-WEBAPP Cisco RV Series Routers command injection attempt
* 1:57078 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57079 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57080 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57081 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57082 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57084 <-> SERVER-WEBAPP Cisco RV series routers command injection attempt
* 1:57085 <-> SERVER-WEBAPP Cisco RV series routers command injection attempt
* 1:57086 <-> SERVER-WEBAPP Cisco RV Series routers command injection attempt
* 1:57088 <-> SERVER-WEBAPP Cisco Small Business RV Series routers command injection attempt
* 1:57089 <-> SERVER-WEBAPP Cisco Small Business RV Series routers command injection attempt
* 1:57095 <-> SERVER-WEBAPP Cisco RV Series routers command injection attempt
* 1:57096 <-> SERVER-WEBAPP Cisco RV Series routers command injection attempt
* 1:57098 <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt
* 1:57099 <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt
* 1:57100 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57101 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57102 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57105 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57109 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57110 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57113 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57114 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57126 <-> SERVER-WEBAPP Monstra CMS cross-site scripting attempt
* 1:57127 <-> SERVER-WEBAPP Monstra CMS cross-site scripting attempt
* 1:57158 <-> SERVER-WEBAPP Oracle WebLogic consolejndi remote code execution attempt
* 1:57159 <-> SERVER-WEBAPP Oracle WebLogic consolejndi remote code execution attempt
* 1:57176 <-> SERVER-WEBAPP MikroTik RouterOS buffer overflow attempt
* 1:57177 <-> SERVER-WEBAPP MikroTik RouterOS buffer overflow attempt
* 1:57178 <-> SERVER-WEBAPP Monstra CMS registration form cross site scripting attempt
* 1:57179 <-> SERVER-WEBAPP Monstra CMS registration form cross site scripting attempt
* 1:57182 <-> SERVER-WEBAPP VMware administrative configurator component command injection attempt
* 1:57183 <-> SERVER-WEBAPP VMware administrative configurator component command injection attempt
* 1:57184 <-> SERVER-WEBAPP VMware administrative configurator component command injection attempt
* 1:57185 <-> SERVER-WEBAPP VMware administrative configurator component command injection attempt
* 1:57188 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center arbitrary Java object deserialization attempt
* 1:57224 <-> SERVER-WEBAPP Trend Micro Control Manager directory traversal attempt
* 1:57225 <-> SERVER-WEBAPP Trend Micro Control Manager directory traversal attempt
* 1:57226 <-> SERVER-WEBAPP Trend Micro Control Manager directory traversal attempt
* 1:57229 <-> SERVER-WEBAPP VMware vSphere Client vROPs plugin remote code execution attempt
* 1:57241 <-> SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt
* 1:57242 <-> SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt
* 1:57243 <-> SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt
* 1:57244 <-> SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt
* 1:57245 <-> SERVER-WEBAPP Microsoft Exchange Server arbitrary file write attempt
* 1:57246 <-> SERVER-WEBAPP Microsoft Exchange Server arbitrary file write attempt
* 1:57275 <-> SERVER-WEBAPP ysoserial TypeConfuseDelegate deserialization exploit attempt
* 1:57276 <-> SERVER-WEBAPP Microsoft SharePoint potential deserialization attempt
* 1:57283 <-> SERVER-WEBAPP Liferay arbitrary Java object deserialization attempt
* 1:57298 <-> SERVER-WEBAPP F5 iControl REST interface command injection attempt
* 1:57324 <-> SERVER-WEBAPP Netis WF2419 router command injection attempt
* 1:57325 <-> SERVER-WEBAPP Netis WF2419 router command injection attempt
* 1:57326 <-> SERVER-WEBAPP Netis WF2419 router command injection attempt
* 1:57327 <-> SERVER-WEBAPP Netis WF2419 router command injection attempt
* 1:57328 <-> SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt
* 1:57329 <-> SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt
* 1:57330 <-> SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt
* 1:57331 <-> SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt
* 1:57332 <-> SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt
* 1:57333 <-> SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt
* 1:57334 <-> SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt
* 1:57335 <-> SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt
* 1:57337 <-> SERVER-WEBAPP F5 iControl REST interface ssrf attempt
* 1:57389 <-> SERVER-WEBAPP Advantech iView DeviceTreeTable directory traversal attempt
* 1:57390 <-> SERVER-WEBAPP Advantech iView DeviceTreeTable directory traversal attempt
* 1:57391 <-> SERVER-WEBAPP Advantech iView DeviceTreeTable directory traversal attempt
* 1:57406 <-> SERVER-WEBAPP Palo Alto Networks management interface command injection attempt
* 1:57407 <-> SERVER-WEBAPP Palo Alto Networks management interface command injection attempt
* 1:57408 <-> SERVER-WEBAPP Palo Alto Networks management interface command injection attempt
* 1:57409 <-> SERVER-WEBAPP Palo Alto Networks management interface command injection attempt
* 1:57412 <-> SERVER-WEBAPP Nagios XI do_update_user SQL injection attempt
* 1:57413 <-> SERVER-WEBAPP Nagios XI do_update_user SQL injection attempt
* 1:57426 <-> SERVER-WEBAPP Zend and laminas-http frameworks streamName PHP object injection attempt
* 1:57434 <-> SERVER-WEBAPP VMware vRealize Operations Manager directory traversal attempt
* 1:57435 <-> SERVER-WEBAPP VMware vRealize Operations Manager SSRF attempt
* 1:57436 <-> SERVER-WEBAPP VMware View Planner logupload directory traversal attempt
* 1:57437 <-> SERVER-WEBAPP VMware View Planner logupload directory traversal attempt
* 1:57438 <-> SERVER-WEBAPP VMware View Planner logupload arbitrary file upload attempt
* 1:57439 <-> SERVER-WEBAPP VMware View Planner logupload arbitrary file upload attempt
* 1:57442 <-> SERVER-WEBAPP Terramaster TOS command injection attempt
* 1:57443 <-> SERVER-WEBAPP Terramaster TOS command injection attempt
* 1:57444 <-> SERVER-WEBAPP Terramaster TOS command injection attempt
* 1:57445 <-> SERVER-WEBAPP Terramaster TOS command injection attempt
* 1:57449 <-> SERVER-WEBAPP F5 TMM crafted IPv6 URI buffer overflow attempt
* 1:57453 <-> SERVER-WEBAPP Pulse Connect Secure remote code execution attempt
* 1:57481 <-> SERVER-WEBAPP ManageEngine OpManager directory traversal attempt
* 1:57482 <-> SERVER-WEBAPP ManageEngine OpManager directory traversal attempt
* 1:57483 <-> SERVER-WEBAPP ManageEngine OpManager directory traversal attempt
* 1:57487 <-> SERVER-WEBAPP Microsoft Exchange MeetingHandler remote code execution attempt
* 1:57490 <-> SERVER-WEBAPP Klog Server authenticate.php user command injection attempt
* 1:57491 <-> SERVER-WEBAPP Klog Server authenticate.php user command injection attempt
* 1:57492 <-> SERVER-WEBAPP Klog Server authenticate.php user command injection attempt
* 1:57493 <-> SERVER-WEBAPP Klog Server authenticate.php user command injection attempt
* 1:57494 <-> SERVER-WEBAPP Micro Focus Operations Bridge Manager remote code execution attempt
* 1:57500 <-> SERVER-WEBAPP HPE Intelligent Management Center IccSelectDevTypeBean Expression Language Injection Java expression language injection attempt
* 1:57511 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57512 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57513 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57514 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57515 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57516 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57517 <-> SERVER-WEBAPP Serendipity index.php SQL injection attempt
* 1:57518 <-> SERVER-WEBAPP Serendipity index.php SQL injection attempt
* 1:57519 <-> SERVER-WEBAPP Serendipity index.php SQL injection attempt
* 1:57548 <-> SERVER-WEBAPP Microsoft SharePoint authenticated remote code execution attempt
* 1:57570 <-> SERVER-WEBAPP WordPRess DZS Video Gallery directory traversal attempt
* 1:57571 <-> SERVER-WEBAPP WordPRess DZS Video Gallery directory traversal attempt
* 1:57572 <-> SERVER-WEBAPP WordPRess DZS Video Gallery directory traversal attempt
* 1:57573 <-> SERVER-WEBAPP WordPress DZS Video Gallery remote file include attempt
* 1:57574 <-> SERVER-WEBAPP WordPress DZS Video Gallery remote file include attempt
* 1:57720 <-> SERVER-WEBAPP VMWare vSphere Client remote code execution attempt
* 1:57761 <-> SERVER-WEBAPP TP-Link WiFi router authenticated PingIframeRpm stack buffer overflow attempt
* 1:57762 <-> SERVER-WEBAPP TP-Link WiFi router authenticated WanStaticIpV6CfgRpm stack buffer overflow attempt
* 1:57809 <-> SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt
* 1:57810 <-> SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt
* 1:57811 <-> SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt
* 1:57812 <-> SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt
* 1:57834 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center remote code execution attempt
* 1:57841 <-> SERVER-WEBAPP Nagios Fusion command injection attempt
* 1:57856 <-> SERVER-WEBAPP Cisco ASA cross site scripting attempt
* 1:57857 <-> SERVER-WEBAPP Cisco ASA cross site scripting attempt
* 1:57860 <-> SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt
* 1:57861 <-> SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt
* 1:57862 <-> SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt
* 1:57863 <-> SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt
* 1:57872 <-> SERVER-WEBAPP Facade Ignition remote code execution attempt
* 1:57902 <-> SERVER-WEBAPP HPE Systems Insight Manager remote code execution attempt
* 1:57906 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:57907 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:57908 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:57909 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:57910 <-> SERVER-WEBAPP Microsoft SharePoint Server authenticated remote code execution attempt
* 1:57911 <-> SERVER-WEBAPP Nagios XI monitoringplugins.php command injection attempt
* 1:57912 <-> SERVER-WEBAPP ForgeRock Open Access Manager remote code execution attempt
* 1:57913 <-> SERVER-WEBAPP ForgeRock Open Access Manager remote code execution attempt
* 1:57954 <-> SERVER-WEBAPP Velocloud VMware SD-WAN Orchestrator SQL injection attempt
* 1:57983 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:58018 <-> SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt
* 1:58019 <-> SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt
* 1:58020 <-> SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt
* 1:58021 <-> SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt
* 1:58026 <-> SERVER-WEBAPP Zoho ManageEngine OpManager OPMDeviceDetailsServlet SQL injection attempt
* 1:58027 <-> SERVER-WEBAPP Zoho ManageEngine OpManager OPMDeviceDetailsServlet SQL injection attempt
* 1:58028 <-> SERVER-WEBAPP Zoho ManageEngine OpManager OPMDeviceDetailsServlet SQL injection attempt
* 1:58042 <-> SERVER-WEBAPP Serv-U FTP Server stored cross site scripting attempt
* 1:58043 <-> SERVER-WEBAPP Serv-U FTP Server stored cross site scripting attempt
* 1:58052 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58053 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58054 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58055 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58056 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58057 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58058 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58059 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58063 <-> SERVER-WEBAPP Kentico CMS unsafe deserialization remote code execution attempt
* 1:58064 <-> SERVER-WEBAPP Kentico CMS unsafe deserialization remote code execution attempt
* 1:58067 <-> SERVER-WEBAPP Apache Flink FileUploadHandler directory traversal attempt
* 1:58068 <-> SERVER-WEBAPP Apache Flink FileUploadHandler directory traversal attempt
* 1:58069 <-> SERVER-WEBAPP Apache Flink FileUploadHandler directory traversal attempt
* 1:58093 <-> SERVER-WEBAPP Atlassian Confluence OGNL injection remote code execution attempt
* 1:58094 <-> SERVER-WEBAPP Atlassian Confluence OGNL injection remote code execution attempt
* 1:58111 <-> SERVER-WEBAPP Microsoft SharePoint remote code execution attempt
* 1:58112 <-> SERVER-WEBAPP Microsoft SharePoint remote code execution attempt
* 1:58113 <-> SERVER-WEBAPP Microsoft SharePoint machinekey information disclosure attempt
* 1:58169 <-> SERVER-WEBAPP Microsoft Windows Open Management Infrastructure remote code execution attempt
* 1:58170 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt
* 1:58171 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt
* 1:58172 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt
* 1:58173 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt
* 1:58201 <-> SERVER-WEBAPP Zoho ManageEngine ADSelfService Plus RestAPI authentication bypass attempt
* 1:58217 <-> SERVER-WEBAPP VMware vCenter Server remote code execution attempt
* 1:58218 <-> SERVER-WEBAPP VMware vCenter Server file upload attempt
* 1:58219 <-> SERVER-WEBAPP VMware vCenter Server file upload attempt
* 1:58224 <-> SERVER-WEBAPP SonicWall SMA100 SQL injection attempt
* 1:58225 <-> SERVER-WEBAPP SonicWall SMA100 SQL injection attempt
* 1:58226 <-> SERVER-WEBAPP SonicWall SMA100 SQL injection attempt
* 1:58227 <-> SERVER-WEBAPP Dell EMC Virtual Appliance Manager undocumented credential use attempt
* 1:58230 <-> SERVER-WEBAPP QNAP NAS Malware Remover directory traversal attempt
* 1:58231 <-> SERVER-WEBAPP QNAP NAS Malware Remover directory traversal attempt
* 1:58232 <-> SERVER-WEBAPP QNAP NAS Malware Remover directory traversal attempt
* 1:58242 <-> SERVER-WEBAPP Sophos XG Firewall SQL injection attempt
* 1:58245 <-> SERVER-WEBAPP UDP Technology IP Camera command injection attempt
* 1:58246 <-> SERVER-WEBAPP UDP Technology IP Camera command injection attempt
* 1:58247 <-> SERVER-WEBAPP UDP Technology IP Camera command injection attempt
* 1:58248 <-> SERVER-WEBAPP UDP Technology IP Camera command injection attempt
* 1:58249 <-> SERVER-WEBAPP Microsoft Exchange server security feature bypass attempt
* 1:58260 <-> SERVER-WEBAPP AlienVault Unified Security Management SQL injection attempt
* 1:58261 <-> SERVER-WEBAPP AlienVault Unified Security Management SQL injection attempt
* 1:58262 <-> SERVER-WEBAPP AlienVault Unified Security Management SQL injection attempt
* 1:58263 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58264 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58265 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58266 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58267 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58268 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58269 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:58270 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:58271 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:58272 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:58273 <-> SERVER-WEBAPP QNAP HBS 3 authorization bypass attempt
* 1:58274 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center faultDevParasSet expression language injection attempt
* 1:58275 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center faultDevParasSet expression language injection attempt
* 1:58282 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center perfAddFormServer Java expression language injection attempt
* 1:58283 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center perfSelItemServer Java expression language injection attempt
* 1:58284 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center FileUploadServlet Unrestricted arbitrary JSP file upload attempt
* 1:58285 <-> SERVER-WEBAPP Trend Micro Control Manager ProductTree_RightWindow XML external entity injection attempt
* 1:58290 <-> SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt
* 1:58291 <-> SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt
* 1:58292 <-> SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt
* 1:58293 <-> SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt
* 1:58315 <-> SERVER-WEBAPP Microsoft SharePoint Server remote code execution attempt
* 1:58316 <-> SERVER-WEBAPP Microsoft SharePoint Server remote code execution attempt
* 1:58318 <-> SERVER-WEBAPP Microsoft SharePoint Server remote code execution attempt
* 1:58320 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formChangePass username SQL injection attempt
* 1:58321 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formChangePass username SQL injection attempt
* 1:58322 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formChangePass username SQL injection attempt
* 1:58323 <-> SERVER-WEBAPP Advantech WebAccess Node Quality ItemGroupIdAry SQL injection attempt
* 1:58324 <-> SERVER-WEBAPP Advantech WebAccess Node Quality ItemGroupIdAry SQL injection attempt
* 1:58325 <-> SERVER-WEBAPP Advantech WebAccess Node Quality ItemGroupIdAry SQL injection attempt
* 1:58326 <-> SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt
* 1:58327 <-> SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt
* 1:58328 <-> SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt
* 1:58329 <-> SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt
* 1:58330 <-> SERVER-WEBAPP Advantech WebAccess Node controlNode bnid SQL injection attempt
* 1:58331 <-> SERVER-WEBAPP Advantech WebAccess Node controlNode bnid SQL injection attempt
* 1:58332 <-> SERVER-WEBAPP Advantech WebAccess Node controlNode bnid SQL injection attempt
* 1:58333 <-> SERVER-WEBAPP Trend Micro Control Manager DeploymentPlan_Event_Handler XML external entity injection attempt
* 1:58337 <-> SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt
* 1:58338 <-> SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt
* 1:58339 <-> SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt
* 1:58340 <-> SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt
* 1:58341 <-> SERVER-WEBAPP PHPMyAdmin SearchController SQL injection attempt
* 1:58342 <-> SERVER-WEBAPP PHPMyAdmin SearchController SQL injection attempt
* 1:58343 <-> SERVER-WEBAPP PHPMyAdmin SearchController SQL injection attempt
* 1:58352 <-> SERVER-WEBAPP GE MDS PulseNET IntegrationXMLProcessorServlet UpdateProblemTickets XML external entity injection attempt
* 1:58353 <-> SERVER-WEBAPP Advantech WebAccess Node Quality_Reg ItemIdAry SQL injection attempt
* 1:58355 <-> SERVER-WEBAPP GE MDS PulseNET HealthCheck arbitrary Java object deserialization attempt
* 1:58362 <-> SERVER-WEBAPP Advantech WebAccess Node BWSCADASoap ProjectName SQL injection attempt
* 1:58375 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center iccSelectCommand expression language injection attempt
* 1:58376 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center iccSelectCommand expression language injection attempt
* 1:58377 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center eventInfo_content expression language injection attempt
* 1:58378 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center eventInfo_content expression language injection attempt
* 1:58379 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center devSoftSel Java expression language injection attempt
* 1:58380 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center devSoftSel Java expression language injection attempt
* 1:58381 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formConfiguration saveValue SQL injection attempt
* 1:58382 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formConfiguration saveValue SQL injection attempt
* 1:58383 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formConfiguration saveValue SQL injection attempt
* 1:58384 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center operationSelect Java expression language injection attempt
* 1:58385 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center operationSelect Java expression language injection attempt
* 1:58388 <-> SERVER-WEBAPP ARRIS VAP2500 config_wds command injection attempt
* 1:58396 <-> SERVER-WEBAPP Nagios XI PHP file injection attempt
* 1:58397 <-> SERVER-WEBAPP Nagios XI PHP file injection attempt
* 1:58398 <-> SERVER-WEBAPP Nagios XI PHP file injection attempt
* 1:58399 <-> SERVER-WEBAPP Nagios XI directory traversal attempt
* 1:58400 <-> SERVER-WEBAPP Nagios XI directory traversal attempt
* 1:58401 <-> SERVER-WEBAPP Nagios XI directory traversal attempt
* 1:58403 <-> SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt
* 1:58404 <-> SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt
* 1:58405 <-> SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt
* 1:58406 <-> SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt
* 1:58407 <-> SERVER-WEBAPP Nagios XI bulk modification tool SQL injection attempt
* 1:58408 <-> SERVER-WEBAPP Nagios XI bulk modification tool SQL injection attempt
* 1:58409 <-> SERVER-WEBAPP Nagios XI bulk modification tool SQL injection attempt
* 1:58410 <-> SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt
* 1:58411 <-> SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt
* 1:58412 <-> SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt
* 1:58413 <-> SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt
* 1:58418 <-> SERVER-WEBAPP ReadyDesk 9.1 OpenAttach2 directory traversal attempt
* 1:58419 <-> SERVER-WEBAPP ReadyDesk 9.1 OpenAttach2 directory traversal attempt
* 1:58420 <-> SERVER-WEBAPP ReadyDesk 9.1 OpenAttach2 directory traversal attempt
* 1:58421 <-> SERVER-WEBAPP BillQuick Web Suite SQL injection attempt
* 1:58422 <-> SERVER-WEBAPP BillQuick Web Suite SQL injection attempt
* 1:58423 <-> SERVER-WEBAPP BillQuick Web Suite SQL injection attempt
* 1:58424 <-> SERVER-WEBAPP Schneider Electric Umotion Builder Virtual Appliance Css directory traversal attempt
* 1:58425 <-> SERVER-WEBAPP Schneider Electric Umotion Builder Virtual Appliance Css directory traversal attempt
* 1:58426 <-> SERVER-WEBAPP Schneider Electric Umotion Builder Virtual Appliance Css directory traversal attempt
* 1:58427 <-> SERVER-WEBAPP Trend Micro Control Manager widget_old_SP1 dlp_policy directory traversal attempt
* 1:58428 <-> SERVER-WEBAPP Trend Micro Control Manager Widget modDLPViolationCntdrildown.php directory traversal attempt
* 1:58454 <-> SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt
* 1:58455 <-> SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt
* 1:58456 <-> SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt
* 1:58457 <-> SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt
* 1:58464 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance File Deletion directory traversal attempt
* 1:58465 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance File Deletion directory traversal attempt
* 1:58466 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance File Deletion directory traversal attempt
* 1:58467 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance directory traversal attempt
* 1:58468 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance directory traversal attempt
* 1:58469 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance directory traversal attempt
* 1:58470 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector Virtual Appliance policy_setting arbitrary PHP file upload attempt
* 1:58471 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:58472 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:58473 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:58475 <-> SERVER-WEBAPP Oracle WebLogic Server DeploymentService directory traversal attempt
* 1:58476 <-> SERVER-WEBAPP Oracle WebLogic Server DeploymentService directory traversal attempt
* 1:58487 <-> SERVER-WEBAPP WordPress Snap Creek Duplicator and Duplicator Pro plugins directory traversal attempt
* 1:58499 <-> SERVER-WEBAPP Zyxel Unified Security Gateway undocumented administrator account login attempt
* 1:58500 <-> SERVER-WEBAPP Zyxel Unified Security Gateway undocumented administrator account login attempt
* 1:58502 <-> SERVER-WEBAPP SonicWall Email Security directory traversal attempt
* 1:58503 <-> SERVER-WEBAPP SonicWall Email Security directory traversal attempt
* 1:58504 <-> SERVER-WEBAPP SonicWall Email Security directory traversal attempt
* 1:58505 <-> SERVER-WEBAPP Tenda Router command injection attempt
* 1:58506 <-> SERVER-WEBAPP Tenda Router command injection attempt
* 1:58507 <-> SERVER-WEBAPP Tenda Router command injection attempt
* 1:58508 <-> SERVER-WEBAPP Tenda Router command injection attempt
* 1:58509 <-> SERVER-WEBAPP Accellion File Transfer Appliance SQL injection attempt
* 1:58510 <-> SERVER-WEBAPP EyesOfNetwork SQL injection attempt
* 1:58511 <-> SERVER-WEBAPP EyesOfNetwork SQL injection attempt
* 1:58512 <-> SERVER-WEBAPP EyesOfNetwork SQL injection attempt
* 1:58513 <-> SERVER-WEBAPP Advantech WebAccess updateTemplate SQL injection attempt
* 1:58514 <-> SERVER-WEBAPP EyesOfNetwork autodiscovery command injection attempt
* 1:58515 <-> SERVER-WEBAPP EyesOfNetwork autodiscovery command injection attempt
* 1:58517 <-> SERVER-WEBAPP GE MDS PulseNET IntegrationXMLProcessorServlet AlarmActions XML external entity injection attempt
* 1:58521 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center perfInsListServer Java expression language injection attempt
* 1:58522 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php command injection attempt
* 1:58523 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php command injection attempt
* 1:58525 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center directory traversal attempt
* 1:58529 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58530 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58531 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58532 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58533 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58538 <-> SERVER-WEBAPP Arcadyan routers path traversal attempt
* 1:58542 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet EmailMessageDetected SQL injection attempt
* 1:58543 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet EmailMessageDetected SQL injection attempt
* 1:58544 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet EmailMessageDetected SQL injection attempt
* 1:58546 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center TopoBroadcastServlet arbitrary Java object deserialization attempt
* 1:58555 <-> SERVER-WEBAPP Hikvision webLanguage command injection vulnerability
* 1:58562 <-> SERVER-WEBAPP Oracle WebLogic Server remote code execution attempt
* 1:58563 <-> SERVER-WEBAPP GE MDS PulseNET foglight service arbitrary Java object deserialization attempt
* 1:58567 <-> SERVER-WEBAPP Roundcube Webmail file disclosure attempt
* 1:58568 <-> SERVER-WEBAPP Roundcube Webmail file disclosure attempt
* 1:58569 <-> SERVER-WEBAPP Roundcube Webmail file disclosure attempt
* 1:58576 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt
* 1:58577 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt
* 1:58578 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt
* 1:58579 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt
* 1:58588 <-> SERVER-WEBAPP SolarWinds Network Configuration Manager remote file include attempt
* 1:58589 <-> SERVER-WEBAPP SolarWinds Network Configuration Manager remote file include attempt
* 1:58592 <-> SERVER-WEBAPP SaltStack pillar_roots directory traversal attempt
* 1:58593 <-> SERVER-WEBAPP SaltStack pillar_roots directory traversal attempt
* 1:58594 <-> SERVER-WEBAPP SaltStack pillar_roots directory traversal attempt
* 1:58595 <-> SERVER-WEBAPP OpenEMR backup.php command injection attempt
* 1:58596 <-> SERVER-WEBAPP OpenEMR backup.php command injection attempt
* 1:58605 <-> SERVER-WEBAPP Citrix StoreFront Server XML external entity injection attempt
* 1:58606 <-> SERVER-WEBAPP SAP NetWeaver AS JAVA CRM log injection attempt
* 1:58607 <-> SERVER-WEBAPP SAP NetWeaver AS JAVA CRM log injection attempt
* 1:58608 <-> SERVER-WEBAPP SAP NetWeaver AS JAVA CRM log injection attempt
* 1:66336 <-> SERVER-WEBAPP FlowiseAI Flowise arbitrary code execution attempt

31110

2026-04-23 13:35:22 UTC

Snort Subscriber Rules Update

Date: 2026-04-22-001

This is the complete list of rules modified and added in the Cisco Talos Certified rule pack for Snort version 3.1.11.0.

The format of the file is:

gid:sid <-> Message

New Rules:

* 1:66354 <-> SERVER-WEBAPP WordPress SEO Plugin SQL injection attempt
* 1:66355 <-> SERVER-WEBAPP WordPress SEO Plugin SQL injection attempt
* 1:66356 <-> SERVER-WEBAPP WordPress SEO Plugin SQL injection attempt
* 1:66357 <-> SERVER-WEBAPP WordPress My Calendar Plugin SQL injection attempt
* 1:66358 <-> SERVER-WEBAPP WordPress My Calendar Plugin SQL injection attempt
* 1:66359 <-> SERVER-WEBAPP WordPress My Calendar Plugin SQL injection attempt
* 1:66360 <-> SERVER-WEBAPP WordPress WP Statistics Plugin SQL injection attempt
* 1:66361 <-> SERVER-WEBAPP WordPress WP Statistics Plugin SQL injection attempt
* 1:66362 <-> SERVER-WEBAPP WordPress WP Statistics Plugin SQL injection attempt
* 1:66363 <-> SERVER-WEBAPP WordPress Photo Gallery Plugin SQL injection attempt
* 1:66364 <-> SERVER-WEBAPP WordPress Photo Gallery Plugin SQL injection attempt
* 1:66365 <-> SERVER-WEBAPP WordPress Photo Gallery Plugin SQL injection attempt
* 1:66366 <-> SERVER-WEBAPP Arcserve UDP ASNative.dll denial of service attempt
* 1:66367 <-> SERVER-WEBAPP Kentico Xperience webshell upload attempt
* 1:66368 <-> SERVER-WEBAPP SonicWall GMS SQL injection attempt
* 1:66369 <-> SERVER-WEBAPP SonicWall GMS SQL injection attempt
* 1:66370 <-> SERVER-WEBAPP SonicWall GMS SQL injection attempt
* 1:66371 <-> SERVER-WEBAPP Netgear ProSAFE NMS300 SQL injection attempt
* 1:66372 <-> SERVER-WEBAPP Netgear ProSAFE NMS300 SQL injection attempt
* 1:66373 <-> SERVER-WEBAPP Netgear ProSAFE NMS300 SQL injection attempt
* 1:66374 <-> SERVER-WEBAPP Yawave WordPress Plugin SQL injection attempt
* 1:66375 <-> SERVER-WEBAPP Yawave WordPress Plugin SQL injection attempt
* 1:66376 <-> SERVER-WEBAPP Yawave WordPress Plugin SQL injection attempt
* 3:66377 <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2026-2379 attack attempt
* 3:66378 <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2026-2379 attack attempt
* 3:66379 <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2026-2379 attack attempt
* 3:66380 <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2026-2379 attack attempt

Modified Rules:

* 1:53688 <-> SERVER-WEBAPP Adobe Experience Manager server side request forgery attempt
* 1:53733 <-> SERVER-WEBAPP IBM Data Risk Manager directory traversal attempt
* 1:53734 <-> SERVER-WEBAPP IBM Data Risk Manager nmap scan command execution attempt
* 1:53857 <-> SERVER-WEBAPP Grandstream UCM6202 series SQL injection attempt
* 1:53858 <-> SERVER-WEBAPP Grandstream UCM6202 series SQL injection attempt
* 1:53859 <-> SERVER-WEBAPP Grandstream UCM6202 series SQL injection attempt
* 1:53860 <-> SERVER-WEBAPP Centurylink router unauthenticated administrator account disable attempt
* 1:53967 <-> SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt
* 1:53968 <-> SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt
* 1:53969 <-> SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt
* 1:53970 <-> SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt
* 1:54003 <-> SERVER-WEBAPP Axway SecureTransport XML external entity injection attempt
* 1:54012 <-> SERVER-WEBAPP ASUS ASUSWRT appGet.cgi command injection attempt
* 1:54195 <-> SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt
* 1:54196 <-> SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt
* 1:54197 <-> SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt
* 1:54198 <-> SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt
* 1:54272 <-> SERVER-WEBAPP Centreon Monitoring tool command injection attempt
* 1:54273 <-> SERVER-WEBAPP Centreon Monitoring tool command injection attempt
* 1:54405 <-> SERVER-WEBAPP PHP php_strip_tags_ex function out-of-bounds read attempt
* 1:54462 <-> SERVER-WEBAPP F5 BIG-IP Traffic Management User Interface remote code execution attempt
* 1:54484 <-> SERVER-WEBAPP F5 BIG-IP Traffic Management User Interface remote code execution attempt
* 1:54511 <-> SERVER-WEBAPP Microsoft Windows .NET API XML unsafe deserialization attempt
* 1:54556 <-> SERVER-WEBAPP BSA Radar local file inclusion attempt
* 1:54558 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54559 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54565 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54566 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54567 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54569 <-> SERVER-WEBAPP Barangay Management System SQL injection attempt
* 1:54570 <-> SERVER-WEBAPP Barangay Management System SQL injection attempt
* 1:54596 <-> SERVER-WEBAPP WordPress bbPress plugin unauthenticated privilege escalation attempt
* 1:54597 <-> SERVER-WEBAPP WordPress bbPress plugin unauthenticated privilege escalation attempt
* 1:54602 <-> SERVER-WEBAPP Laravel Framework PendingCommand arbitrary command execution attempt
* 1:54603 <-> SERVER-WEBAPP Laravel Framework PendingCommand arbitrary command execution attempt
* 1:54617 <-> SERVER-WEBAPP GeoVision Door Access Control hidden url access attempt
* 1:54629 <-> SERVER-WEBAPP Microsoft Windows .NET API XML unsafe deserialization attempt
* 1:54649 <-> SERVER-WEBAPP Apache Kylin REST API migrate command injection attempt
* 1:54650 <-> SERVER-WEBAPP Apache Kylin REST API migrate command injection attempt
* 1:54670 <-> SERVER-WEBAPP Rockwell FactoryTalk View SE project list disclosure attempt
* 1:54671 <-> SERVER-WEBAPP Rockwell FactoryTalk View SE project information disclosure attempt
* 1:54672 <-> SERVER-WEBAPP Rockwell FactoryTalk View SE remote code execution attempt
* 1:54674 <-> SERVER-WEBAPP Rockwell FactoryTalk View SE remote project copy attempt
* 1:54684 <-> SERVER-WEBAPP Microsoft Windows .NET API XML unsafe deserialization attempt
* 1:54767 <-> SERVER-WEBAPP vBulletin template rendering arbitrary PHP code execution attempt
* 1:54768 <-> SERVER-WEBAPP vBulletin template rendering arbitrary PHP code execution attempt
* 1:54794 <-> SERVER-WEBAPP Zeroshell Linux Router command injection attempt
* 1:54795 <-> SERVER-WEBAPP Zeroshell Linux Router command injection attempt
* 1:54796 <-> SERVER-WEBAPP Zeroshell Linux Router command injection attempt
* 1:54797 <-> SERVER-WEBAPP Zeroshell Linux Router command injection attempt
* 1:54824 <-> SERVER-WEBAPP Intellian Aptus Web arbitrary command execution attempt
* 1:55778 <-> SERVER-WEBAPP Wordpress File Manager plugin elFinder remote code execution attempt
* 1:55797 <-> SERVER-WEBAPP Wordpress plugin WP Database Reset database reset attempt
* 1:55823 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:55824 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:55825 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:55826 <-> SERVER-WEBAPP Microsoft Exchange Server DlpUtils remote code execution attempt
* 1:55827 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet multiple functions SQL injection attempt
* 1:55828 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet multiple functions SQL injection attempt
* 1:55829 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet multiple functions SQL injection attempt
* 1:55834 <-> SERVER-WEBAPP Wordpress Nexos theme cross site scripting attempt
* 1:55835 <-> SERVER-WEBAPP Wordpress Nexos theme cross site scripting attempt
* 1:55836 <-> SERVER-WEBAPP Wordpress Nexos theme SQL injection attempt
* 1:55837 <-> SERVER-WEBAPP Wordpress Nexos theme SQL injection attempt
* 1:55838 <-> SERVER-WEBAPP Wordpress Nexos theme SQL injection attempt
* 1:55839 <-> SERVER-WEBAPP Multiple products DVR admin password leak attempt
* 1:55918 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:55919 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:55920 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:55921 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:55981 <-> SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 command injection attempt
* 1:56005 <-> SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 SQL injection attempt
* 1:56006 <-> SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 SQL injection attempt
* 1:56007 <-> SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 SQL injection attempt
* 1:56082 <-> SERVER-WEBAPP Wordpress WP Database Backup plug-in command injection attempt
* 1:56083 <-> SERVER-WEBAPP Wordpress WP Database Backup plug-in command injection attempt
* 1:56135 <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt
* 1:56136 <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt
* 1:56138 <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt
* 1:56154 <-> SERVER-WEBAPP MobileIron Core & Connector remote code execution attempt
* 1:56155 <-> SERVER-WEBAPP MobileIron Core & Connector remote code execution attempt
* 1:56162 <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt
* 1:56200 <-> SERVER-WEBAPP Oracle WebLogic Server command injection attempt
* 1:56201 <-> SERVER-WEBAPP Oracle WebLogic Server command injection attempt
* 1:56202 <-> SERVER-WEBAPP Oracle WebLogic Server command injection attempt
* 1:56203 <-> SERVER-WEBAPP Oracle WebLogic Server command injection attempt
* 1:56304 <-> SERVER-WEBAPP Microsoft SharePoint remote code execution attempt
* 1:56305 <-> SERVER-WEBAPP Microsoft SharePoint remote code execution attempt
* 1:56404 <-> SERVER-WEBAPP Cisco Security Manager XmpFileUploadServlet arbitrary JSP file upload attempt
* 1:56405 <-> SERVER-WEBAPP Cisco Security Manager XmpFileUploadServlet directory traversal attempt
* 1:56414 <-> SERVER-WEBAPP Cisco Security Manager XmpFileDownloadServlet directory traversal attempt
* 1:56415 <-> SERVER-WEBAPP Cisco Security Manager XmpFileDownloadServlet directory traversal attempt
* 1:56416 <-> SERVER-WEBAPP Cisco Security Manager XmpFileDownloadServlet directory traversal attempt
* 1:56417 <-> SERVER-WEBAPP Cisco Security Manager SampleFileDownloadServlet directory traversal attempt
* 1:56418 <-> SERVER-WEBAPP Cisco Security Manager SampleFileDownloadServlet directory traversal attempt
* 1:56419 <-> SERVER-WEBAPP Cisco Security Manager SampleFileDownloadServlet directory traversal attempt
* 1:56420 <-> SERVER-WEBAPP Cisco Security Manager resultsFrame directory traversal attempt
* 1:56421 <-> SERVER-WEBAPP Cisco Security Manager resultsFrame directory traversal attempt
* 1:56422 <-> SERVER-WEBAPP Cisco Security Manager resultsFrame directory traversal attempt
* 1:56423 <-> SERVER-WEBAPP Cisco Security Manager xdmProxy directory traversal attempt
* 1:56432 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:56433 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:56434 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:56435 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:56497 <-> SERVER-WEBAPP Multiple Products Java Faces ViewState deserialization remote code execution attempt
* 1:56519 <-> SERVER-WEBAPP WordPress plugin Autoptimize arbitrary PHP file upload attempt
* 1:56520 <-> SERVER-WEBAPP QNAP QTS and Photo Station directory traversal attempt
* 1:56521 <-> SERVER-WEBAPP QNAP QTS and Photo Station directory traversal attempt
* 1:56522 <-> SERVER-WEBAPP QNAP QTS and Photo Station directory traversal attempt
* 1:56523 <-> SERVER-WEBAPP Joomla Core Featured Article SQL injection attempt
* 1:56524 <-> SERVER-WEBAPP Joomla Core Featured Article SQL injection attempt
* 1:56525 <-> SERVER-WEBAPP Joomla Core Featured Article SQL injection attempt
* 1:56532 <-> SERVER-WEBAPP Advantech WebAccess NMS directory traversal attempt
* 1:56533 <-> SERVER-WEBAPP Advantech WebAccess NMS directory traversal attempt
* 1:56534 <-> SERVER-WEBAPP Advantech WebAccess NMS directory traversal attempt
* 1:56545 <-> SERVER-WEBAPP rConfig commands.inc.php SQL injection attempt
* 1:56550 <-> SERVER-WEBAPP Ruckus IoT Controller Web UI authentication bypass attempt
* 1:56551 <-> SERVER-WEBAPP  Ruckus IoT Controller Web UI OS username command injection attempt
* 1:56557 <-> SERVER-WEBAPP Microsoft Dynamics365 Finance and Operations remote code execution attempt
* 1:56558 <-> SERVER-WEBAPP Microsoft Dynamics365 Finance and Operations remote code execution attempt
* 1:56586 <-> SERVER-WEBAPP Zoho ManageEngine ServiceDesk Plus arbitrary JSP file upload attempt
* 1:56604 <-> SERVER-WEBAPP Microsoft Dynamics NAV remote code execution attempt
* 1:56624 <-> SERVER-WEBAPP rConfig command injection attempt
* 1:56625 <-> SERVER-WEBAPP rConfig command injection attempt
* 1:56626 <-> SERVER-WEBAPP rConfig command injection attempt
* 1:56627 <-> SERVER-WEBAPP rConfig command injection attempt
* 1:56799 <-> SERVER-WEBAPP Liferay arbitrary Java object deserialization attempt
* 1:56800 <-> SERVER-WEBAPP Liferay arbitrary Java object deserialization attempt
* 1:56823 <-> SERVER-WEBAPP Citrix CakePHP command injection attempt
* 1:56824 <-> SERVER-WEBAPP Citrix CakePHP command injection attempt
* 1:56826 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56827 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56828 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56829 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56830 <-> SERVER-WEBAPP WordPress Adning Advertising plugin arbitrary PHP file upload attempt
* 1:56831 <-> SERVER-WEBAPP WordPress Adning Advertising plugin arbitrary PHP file upload attempt
* 1:56877 <-> SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt
* 1:56878 <-> SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt
* 1:56879 <-> SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt
* 1:56880 <-> SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt
* 1:56916 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56917 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56934 <-> SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt
* 1:56935 <-> SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt
* 1:56936 <-> SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt
* 1:56937 <-> SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt
* 1:56990 <-> SERVER-WEBAPP Apache Unomi OGNL MVEL2 remote command execution attempt
* 1:57002 <-> SERVER-WEBAPP Belkin Wemo UPnP cross site scripting attempt
* 1:57048 <-> SERVER-WEBAPP SaltStack Salt API SSH Client command injection attempt
* 1:57049 <-> SERVER-WEBAPP SaltStack Salt API SSH Client command injection attempt
* 1:57072 <-> SERVER-WEBAPP Cisco RV Series Routers directory traversal attempt
* 1:57074 <-> SERVER-WEBAPP Cisco RV Series Routers directory traversal attempt
* 1:57075 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57076 <-> SERVER-WEBAPP Cisco RV Series Routers command injection attempt
* 1:57078 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57079 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57080 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57081 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57082 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57084 <-> SERVER-WEBAPP Cisco RV series routers command injection attempt
* 1:57085 <-> SERVER-WEBAPP Cisco RV series routers command injection attempt
* 1:57086 <-> SERVER-WEBAPP Cisco RV Series routers command injection attempt
* 1:57088 <-> SERVER-WEBAPP Cisco Small Business RV Series routers command injection attempt
* 1:57089 <-> SERVER-WEBAPP Cisco Small Business RV Series routers command injection attempt
* 1:57095 <-> SERVER-WEBAPP Cisco RV Series routers command injection attempt
* 1:57096 <-> SERVER-WEBAPP Cisco RV Series routers command injection attempt
* 1:57098 <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt
* 1:57099 <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt
* 1:57100 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57101 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57102 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57105 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57109 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57110 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57113 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57114 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57126 <-> SERVER-WEBAPP Monstra CMS cross-site scripting attempt
* 1:57127 <-> SERVER-WEBAPP Monstra CMS cross-site scripting attempt
* 1:57158 <-> SERVER-WEBAPP Oracle WebLogic consolejndi remote code execution attempt
* 1:57159 <-> SERVER-WEBAPP Oracle WebLogic consolejndi remote code execution attempt
* 1:57176 <-> SERVER-WEBAPP MikroTik RouterOS buffer overflow attempt
* 1:57177 <-> SERVER-WEBAPP MikroTik RouterOS buffer overflow attempt
* 1:57178 <-> SERVER-WEBAPP Monstra CMS registration form cross site scripting attempt
* 1:57179 <-> SERVER-WEBAPP Monstra CMS registration form cross site scripting attempt
* 1:57182 <-> SERVER-WEBAPP VMware administrative configurator component command injection attempt
* 1:57183 <-> SERVER-WEBAPP VMware administrative configurator component command injection attempt
* 1:57184 <-> SERVER-WEBAPP VMware administrative configurator component command injection attempt
* 1:57185 <-> SERVER-WEBAPP VMware administrative configurator component command injection attempt
* 1:57188 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center arbitrary Java object deserialization attempt
* 1:57224 <-> SERVER-WEBAPP Trend Micro Control Manager directory traversal attempt
* 1:57225 <-> SERVER-WEBAPP Trend Micro Control Manager directory traversal attempt
* 1:57226 <-> SERVER-WEBAPP Trend Micro Control Manager directory traversal attempt
* 1:57229 <-> SERVER-WEBAPP VMware vSphere Client vROPs plugin remote code execution attempt
* 1:57241 <-> SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt
* 1:57242 <-> SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt
* 1:57243 <-> SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt
* 1:57244 <-> SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt
* 1:57245 <-> SERVER-WEBAPP Microsoft Exchange Server arbitrary file write attempt
* 1:57246 <-> SERVER-WEBAPP Microsoft Exchange Server arbitrary file write attempt
* 1:57275 <-> SERVER-WEBAPP ysoserial TypeConfuseDelegate deserialization exploit attempt
* 1:57276 <-> SERVER-WEBAPP Microsoft SharePoint potential deserialization attempt
* 1:57283 <-> SERVER-WEBAPP Liferay arbitrary Java object deserialization attempt
* 1:57298 <-> SERVER-WEBAPP F5 iControl REST interface command injection attempt
* 1:57324 <-> SERVER-WEBAPP Netis WF2419 router command injection attempt
* 1:57325 <-> SERVER-WEBAPP Netis WF2419 router command injection attempt
* 1:57326 <-> SERVER-WEBAPP Netis WF2419 router command injection attempt
* 1:57327 <-> SERVER-WEBAPP Netis WF2419 router command injection attempt
* 1:57328 <-> SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt
* 1:57329 <-> SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt
* 1:57330 <-> SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt
* 1:57331 <-> SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt
* 1:57332 <-> SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt
* 1:57333 <-> SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt
* 1:57334 <-> SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt
* 1:57335 <-> SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt
* 1:57337 <-> SERVER-WEBAPP F5 iControl REST interface ssrf attempt
* 1:57389 <-> SERVER-WEBAPP Advantech iView DeviceTreeTable directory traversal attempt
* 1:57390 <-> SERVER-WEBAPP Advantech iView DeviceTreeTable directory traversal attempt
* 1:57391 <-> SERVER-WEBAPP Advantech iView DeviceTreeTable directory traversal attempt
* 1:57406 <-> SERVER-WEBAPP Palo Alto Networks management interface command injection attempt
* 1:57407 <-> SERVER-WEBAPP Palo Alto Networks management interface command injection attempt
* 1:57408 <-> SERVER-WEBAPP Palo Alto Networks management interface command injection attempt
* 1:57409 <-> SERVER-WEBAPP Palo Alto Networks management interface command injection attempt
* 1:57412 <-> SERVER-WEBAPP Nagios XI do_update_user SQL injection attempt
* 1:57413 <-> SERVER-WEBAPP Nagios XI do_update_user SQL injection attempt
* 1:57426 <-> SERVER-WEBAPP Zend and laminas-http frameworks streamName PHP object injection attempt
* 1:57434 <-> SERVER-WEBAPP VMware vRealize Operations Manager directory traversal attempt
* 1:57435 <-> SERVER-WEBAPP VMware vRealize Operations Manager SSRF attempt
* 1:57436 <-> SERVER-WEBAPP VMware View Planner logupload directory traversal attempt
* 1:57437 <-> SERVER-WEBAPP VMware View Planner logupload directory traversal attempt
* 1:57438 <-> SERVER-WEBAPP VMware View Planner logupload arbitrary file upload attempt
* 1:57439 <-> SERVER-WEBAPP VMware View Planner logupload arbitrary file upload attempt
* 1:57442 <-> SERVER-WEBAPP Terramaster TOS command injection attempt
* 1:57443 <-> SERVER-WEBAPP Terramaster TOS command injection attempt
* 1:57444 <-> SERVER-WEBAPP Terramaster TOS command injection attempt
* 1:57445 <-> SERVER-WEBAPP Terramaster TOS command injection attempt
* 1:57449 <-> SERVER-WEBAPP F5 TMM crafted IPv6 URI buffer overflow attempt
* 1:57453 <-> SERVER-WEBAPP Pulse Connect Secure remote code execution attempt
* 1:57481 <-> SERVER-WEBAPP ManageEngine OpManager directory traversal attempt
* 1:57482 <-> SERVER-WEBAPP ManageEngine OpManager directory traversal attempt
* 1:57483 <-> SERVER-WEBAPP ManageEngine OpManager directory traversal attempt
* 1:57487 <-> SERVER-WEBAPP Microsoft Exchange MeetingHandler remote code execution attempt
* 1:57490 <-> SERVER-WEBAPP Klog Server authenticate.php user command injection attempt
* 1:57491 <-> SERVER-WEBAPP Klog Server authenticate.php user command injection attempt
* 1:57492 <-> SERVER-WEBAPP Klog Server authenticate.php user command injection attempt
* 1:57493 <-> SERVER-WEBAPP Klog Server authenticate.php user command injection attempt
* 1:57494 <-> SERVER-WEBAPP Micro Focus Operations Bridge Manager remote code execution attempt
* 1:57500 <-> SERVER-WEBAPP HPE Intelligent Management Center IccSelectDevTypeBean Expression Language Injection Java expression language injection attempt
* 1:57511 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57512 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57513 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57514 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57515 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57516 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57517 <-> SERVER-WEBAPP Serendipity index.php SQL injection attempt
* 1:57518 <-> SERVER-WEBAPP Serendipity index.php SQL injection attempt
* 1:57519 <-> SERVER-WEBAPP Serendipity index.php SQL injection attempt
* 1:57548 <-> SERVER-WEBAPP Microsoft SharePoint authenticated remote code execution attempt
* 1:57570 <-> SERVER-WEBAPP WordPRess DZS Video Gallery directory traversal attempt
* 1:57571 <-> SERVER-WEBAPP WordPRess DZS Video Gallery directory traversal attempt
* 1:57572 <-> SERVER-WEBAPP WordPRess DZS Video Gallery directory traversal attempt
* 1:57573 <-> SERVER-WEBAPP WordPress DZS Video Gallery remote file include attempt
* 1:57574 <-> SERVER-WEBAPP WordPress DZS Video Gallery remote file include attempt
* 1:57720 <-> SERVER-WEBAPP VMWare vSphere Client remote code execution attempt
* 1:57761 <-> SERVER-WEBAPP TP-Link WiFi router authenticated PingIframeRpm stack buffer overflow attempt
* 1:57762 <-> SERVER-WEBAPP TP-Link WiFi router authenticated WanStaticIpV6CfgRpm stack buffer overflow attempt
* 1:57809 <-> SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt
* 1:57810 <-> SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt
* 1:57811 <-> SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt
* 1:57812 <-> SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt
* 1:57834 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center remote code execution attempt
* 1:57841 <-> SERVER-WEBAPP Nagios Fusion command injection attempt
* 1:57856 <-> SERVER-WEBAPP Cisco ASA cross site scripting attempt
* 1:57857 <-> SERVER-WEBAPP Cisco ASA cross site scripting attempt
* 1:57860 <-> SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt
* 1:57861 <-> SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt
* 1:57862 <-> SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt
* 1:57863 <-> SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt
* 1:57872 <-> SERVER-WEBAPP Facade Ignition remote code execution attempt
* 1:57902 <-> SERVER-WEBAPP HPE Systems Insight Manager remote code execution attempt
* 1:57906 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:57907 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:57908 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:57909 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:57910 <-> SERVER-WEBAPP Microsoft SharePoint Server authenticated remote code execution attempt
* 1:57911 <-> SERVER-WEBAPP Nagios XI monitoringplugins.php command injection attempt
* 1:57912 <-> SERVER-WEBAPP ForgeRock Open Access Manager remote code execution attempt
* 1:57913 <-> SERVER-WEBAPP ForgeRock Open Access Manager remote code execution attempt
* 1:57954 <-> SERVER-WEBAPP Velocloud VMware SD-WAN Orchestrator SQL injection attempt
* 1:57983 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:58018 <-> SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt
* 1:58019 <-> SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt
* 1:58020 <-> SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt
* 1:58021 <-> SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt
* 1:58026 <-> SERVER-WEBAPP Zoho ManageEngine OpManager OPMDeviceDetailsServlet SQL injection attempt
* 1:58027 <-> SERVER-WEBAPP Zoho ManageEngine OpManager OPMDeviceDetailsServlet SQL injection attempt
* 1:58028 <-> SERVER-WEBAPP Zoho ManageEngine OpManager OPMDeviceDetailsServlet SQL injection attempt
* 1:58042 <-> SERVER-WEBAPP Serv-U FTP Server stored cross site scripting attempt
* 1:58043 <-> SERVER-WEBAPP Serv-U FTP Server stored cross site scripting attempt
* 1:58052 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58053 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58054 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58055 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58056 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58057 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58058 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58059 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58063 <-> SERVER-WEBAPP Kentico CMS unsafe deserialization remote code execution attempt
* 1:58064 <-> SERVER-WEBAPP Kentico CMS unsafe deserialization remote code execution attempt
* 1:58067 <-> SERVER-WEBAPP Apache Flink FileUploadHandler directory traversal attempt
* 1:58068 <-> SERVER-WEBAPP Apache Flink FileUploadHandler directory traversal attempt
* 1:58069 <-> SERVER-WEBAPP Apache Flink FileUploadHandler directory traversal attempt
* 1:58093 <-> SERVER-WEBAPP Atlassian Confluence OGNL injection remote code execution attempt
* 1:58094 <-> SERVER-WEBAPP Atlassian Confluence OGNL injection remote code execution attempt
* 1:58111 <-> SERVER-WEBAPP Microsoft SharePoint remote code execution attempt
* 1:58112 <-> SERVER-WEBAPP Microsoft SharePoint remote code execution attempt
* 1:58113 <-> SERVER-WEBAPP Microsoft SharePoint machinekey information disclosure attempt
* 1:58169 <-> SERVER-WEBAPP Microsoft Windows Open Management Infrastructure remote code execution attempt
* 1:58170 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt
* 1:58171 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt
* 1:58172 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt
* 1:58173 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt
* 1:58201 <-> SERVER-WEBAPP Zoho ManageEngine ADSelfService Plus RestAPI authentication bypass attempt
* 1:58217 <-> SERVER-WEBAPP VMware vCenter Server remote code execution attempt
* 1:58218 <-> SERVER-WEBAPP VMware vCenter Server file upload attempt
* 1:58219 <-> SERVER-WEBAPP VMware vCenter Server file upload attempt
* 1:58224 <-> SERVER-WEBAPP SonicWall SMA100 SQL injection attempt
* 1:58225 <-> SERVER-WEBAPP SonicWall SMA100 SQL injection attempt
* 1:58226 <-> SERVER-WEBAPP SonicWall SMA100 SQL injection attempt
* 1:58227 <-> SERVER-WEBAPP Dell EMC Virtual Appliance Manager undocumented credential use attempt
* 1:58230 <-> SERVER-WEBAPP QNAP NAS Malware Remover directory traversal attempt
* 1:58231 <-> SERVER-WEBAPP QNAP NAS Malware Remover directory traversal attempt
* 1:58232 <-> SERVER-WEBAPP QNAP NAS Malware Remover directory traversal attempt
* 1:58242 <-> SERVER-WEBAPP Sophos XG Firewall SQL injection attempt
* 1:58245 <-> SERVER-WEBAPP UDP Technology IP Camera command injection attempt
* 1:58246 <-> SERVER-WEBAPP UDP Technology IP Camera command injection attempt
* 1:58247 <-> SERVER-WEBAPP UDP Technology IP Camera command injection attempt
* 1:58248 <-> SERVER-WEBAPP UDP Technology IP Camera command injection attempt
* 1:58249 <-> SERVER-WEBAPP Microsoft Exchange server security feature bypass attempt
* 1:58260 <-> SERVER-WEBAPP AlienVault Unified Security Management SQL injection attempt
* 1:58261 <-> SERVER-WEBAPP AlienVault Unified Security Management SQL injection attempt
* 1:58262 <-> SERVER-WEBAPP AlienVault Unified Security Management SQL injection attempt
* 1:58263 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58264 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58265 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58266 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58267 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58268 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58269 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:58270 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:58271 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:58272 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:58273 <-> SERVER-WEBAPP QNAP HBS 3 authorization bypass attempt
* 1:58274 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center faultDevParasSet expression language injection attempt
* 1:58275 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center faultDevParasSet expression language injection attempt
* 1:58282 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center perfAddFormServer Java expression language injection attempt
* 1:58283 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center perfSelItemServer Java expression language injection attempt
* 1:58284 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center FileUploadServlet Unrestricted arbitrary JSP file upload attempt
* 1:58285 <-> SERVER-WEBAPP Trend Micro Control Manager ProductTree_RightWindow XML external entity injection attempt
* 1:58290 <-> SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt
* 1:58291 <-> SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt
* 1:58292 <-> SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt
* 1:58293 <-> SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt
* 1:58315 <-> SERVER-WEBAPP Microsoft SharePoint Server remote code execution attempt
* 1:58316 <-> SERVER-WEBAPP Microsoft SharePoint Server remote code execution attempt
* 1:58318 <-> SERVER-WEBAPP Microsoft SharePoint Server remote code execution attempt
* 1:58320 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formChangePass username SQL injection attempt
* 1:58321 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formChangePass username SQL injection attempt
* 1:58322 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formChangePass username SQL injection attempt
* 1:58323 <-> SERVER-WEBAPP Advantech WebAccess Node Quality ItemGroupIdAry SQL injection attempt
* 1:58324 <-> SERVER-WEBAPP Advantech WebAccess Node Quality ItemGroupIdAry SQL injection attempt
* 1:58325 <-> SERVER-WEBAPP Advantech WebAccess Node Quality ItemGroupIdAry SQL injection attempt
* 1:58326 <-> SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt
* 1:58327 <-> SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt
* 1:58328 <-> SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt
* 1:58329 <-> SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt
* 1:58330 <-> SERVER-WEBAPP Advantech WebAccess Node controlNode bnid SQL injection attempt
* 1:58331 <-> SERVER-WEBAPP Advantech WebAccess Node controlNode bnid SQL injection attempt
* 1:58332 <-> SERVER-WEBAPP Advantech WebAccess Node controlNode bnid SQL injection attempt
* 1:58333 <-> SERVER-WEBAPP Trend Micro Control Manager DeploymentPlan_Event_Handler XML external entity injection attempt
* 1:58337 <-> SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt
* 1:58338 <-> SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt
* 1:58339 <-> SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt
* 1:58340 <-> SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt
* 1:58341 <-> SERVER-WEBAPP PHPMyAdmin SearchController SQL injection attempt
* 1:58342 <-> SERVER-WEBAPP PHPMyAdmin SearchController SQL injection attempt
* 1:58343 <-> SERVER-WEBAPP PHPMyAdmin SearchController SQL injection attempt
* 1:58352 <-> SERVER-WEBAPP GE MDS PulseNET IntegrationXMLProcessorServlet UpdateProblemTickets XML external entity injection attempt
* 1:58353 <-> SERVER-WEBAPP Advantech WebAccess Node Quality_Reg ItemIdAry SQL injection attempt
* 1:58355 <-> SERVER-WEBAPP GE MDS PulseNET HealthCheck arbitrary Java object deserialization attempt
* 1:58362 <-> SERVER-WEBAPP Advantech WebAccess Node BWSCADASoap ProjectName SQL injection attempt
* 1:58375 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center iccSelectCommand expression language injection attempt
* 1:58376 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center iccSelectCommand expression language injection attempt
* 1:58377 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center eventInfo_content expression language injection attempt
* 1:58378 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center eventInfo_content expression language injection attempt
* 1:58379 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center devSoftSel Java expression language injection attempt
* 1:58380 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center devSoftSel Java expression language injection attempt
* 1:58381 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formConfiguration saveValue SQL injection attempt
* 1:58382 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formConfiguration saveValue SQL injection attempt
* 1:58383 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formConfiguration saveValue SQL injection attempt
* 1:58384 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center operationSelect Java expression language injection attempt
* 1:58385 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center operationSelect Java expression language injection attempt
* 1:58388 <-> SERVER-WEBAPP ARRIS VAP2500 config_wds command injection attempt
* 1:58396 <-> SERVER-WEBAPP Nagios XI PHP file injection attempt
* 1:58397 <-> SERVER-WEBAPP Nagios XI PHP file injection attempt
* 1:58398 <-> SERVER-WEBAPP Nagios XI PHP file injection attempt
* 1:58399 <-> SERVER-WEBAPP Nagios XI directory traversal attempt
* 1:58400 <-> SERVER-WEBAPP Nagios XI directory traversal attempt
* 1:58401 <-> SERVER-WEBAPP Nagios XI directory traversal attempt
* 1:58403 <-> SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt
* 1:58404 <-> SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt
* 1:58405 <-> SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt
* 1:58406 <-> SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt
* 1:58407 <-> SERVER-WEBAPP Nagios XI bulk modification tool SQL injection attempt
* 1:58408 <-> SERVER-WEBAPP Nagios XI bulk modification tool SQL injection attempt
* 1:58409 <-> SERVER-WEBAPP Nagios XI bulk modification tool SQL injection attempt
* 1:58410 <-> SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt
* 1:58411 <-> SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt
* 1:58412 <-> SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt
* 1:58413 <-> SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt
* 1:58418 <-> SERVER-WEBAPP ReadyDesk 9.1 OpenAttach2 directory traversal attempt
* 1:58419 <-> SERVER-WEBAPP ReadyDesk 9.1 OpenAttach2 directory traversal attempt
* 1:58420 <-> SERVER-WEBAPP ReadyDesk 9.1 OpenAttach2 directory traversal attempt
* 1:58421 <-> SERVER-WEBAPP BillQuick Web Suite SQL injection attempt
* 1:58422 <-> SERVER-WEBAPP BillQuick Web Suite SQL injection attempt
* 1:58423 <-> SERVER-WEBAPP BillQuick Web Suite SQL injection attempt
* 1:58424 <-> SERVER-WEBAPP Schneider Electric Umotion Builder Virtual Appliance Css directory traversal attempt
* 1:58425 <-> SERVER-WEBAPP Schneider Electric Umotion Builder Virtual Appliance Css directory traversal attempt
* 1:58426 <-> SERVER-WEBAPP Schneider Electric Umotion Builder Virtual Appliance Css directory traversal attempt
* 1:58427 <-> SERVER-WEBAPP Trend Micro Control Manager widget_old_SP1 dlp_policy directory traversal attempt
* 1:58428 <-> SERVER-WEBAPP Trend Micro Control Manager Widget modDLPViolationCntdrildown.php directory traversal attempt
* 1:58454 <-> SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt
* 1:58455 <-> SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt
* 1:58456 <-> SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt
* 1:58457 <-> SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt
* 1:58464 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance File Deletion directory traversal attempt
* 1:58465 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance File Deletion directory traversal attempt
* 1:58466 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance File Deletion directory traversal attempt
* 1:58467 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance directory traversal attempt
* 1:58468 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance directory traversal attempt
* 1:58469 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance directory traversal attempt
* 1:58470 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector Virtual Appliance policy_setting arbitrary PHP file upload attempt
* 1:58471 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:58472 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:58473 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:58475 <-> SERVER-WEBAPP Oracle WebLogic Server DeploymentService directory traversal attempt
* 1:58476 <-> SERVER-WEBAPP Oracle WebLogic Server DeploymentService directory traversal attempt
* 1:58487 <-> SERVER-WEBAPP WordPress Snap Creek Duplicator and Duplicator Pro plugins directory traversal attempt
* 1:58499 <-> SERVER-WEBAPP Zyxel Unified Security Gateway undocumented administrator account login attempt
* 1:58500 <-> SERVER-WEBAPP Zyxel Unified Security Gateway undocumented administrator account login attempt
* 1:58502 <-> SERVER-WEBAPP SonicWall Email Security directory traversal attempt
* 1:58503 <-> SERVER-WEBAPP SonicWall Email Security directory traversal attempt
* 1:58504 <-> SERVER-WEBAPP SonicWall Email Security directory traversal attempt
* 1:58505 <-> SERVER-WEBAPP Tenda Router command injection attempt
* 1:58506 <-> SERVER-WEBAPP Tenda Router command injection attempt
* 1:58507 <-> SERVER-WEBAPP Tenda Router command injection attempt
* 1:58508 <-> SERVER-WEBAPP Tenda Router command injection attempt
* 1:58509 <-> SERVER-WEBAPP Accellion File Transfer Appliance SQL injection attempt
* 1:58510 <-> SERVER-WEBAPP EyesOfNetwork SQL injection attempt
* 1:58511 <-> SERVER-WEBAPP EyesOfNetwork SQL injection attempt
* 1:58512 <-> SERVER-WEBAPP EyesOfNetwork SQL injection attempt
* 1:58513 <-> SERVER-WEBAPP Advantech WebAccess updateTemplate SQL injection attempt
* 1:58514 <-> SERVER-WEBAPP EyesOfNetwork autodiscovery command injection attempt
* 1:58515 <-> SERVER-WEBAPP EyesOfNetwork autodiscovery command injection attempt
* 1:58517 <-> SERVER-WEBAPP GE MDS PulseNET IntegrationXMLProcessorServlet AlarmActions XML external entity injection attempt
* 1:58521 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center perfInsListServer Java expression language injection attempt
* 1:58522 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php command injection attempt
* 1:58523 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php command injection attempt
* 1:58525 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center directory traversal attempt
* 1:58529 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58530 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58531 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58532 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58533 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58538 <-> SERVER-WEBAPP Arcadyan routers path traversal attempt
* 1:58542 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet EmailMessageDetected SQL injection attempt
* 1:58543 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet EmailMessageDetected SQL injection attempt
* 1:58544 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet EmailMessageDetected SQL injection attempt
* 1:58546 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center TopoBroadcastServlet arbitrary Java object deserialization attempt
* 1:58555 <-> SERVER-WEBAPP Hikvision webLanguage command injection vulnerability
* 1:58562 <-> SERVER-WEBAPP Oracle WebLogic Server remote code execution attempt
* 1:58563 <-> SERVER-WEBAPP GE MDS PulseNET foglight service arbitrary Java object deserialization attempt
* 1:58567 <-> SERVER-WEBAPP Roundcube Webmail file disclosure attempt
* 1:58568 <-> SERVER-WEBAPP Roundcube Webmail file disclosure attempt
* 1:58569 <-> SERVER-WEBAPP Roundcube Webmail file disclosure attempt
* 1:58576 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt
* 1:58577 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt
* 1:58578 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt
* 1:58579 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt
* 1:58588 <-> SERVER-WEBAPP SolarWinds Network Configuration Manager remote file include attempt
* 1:58589 <-> SERVER-WEBAPP SolarWinds Network Configuration Manager remote file include attempt
* 1:58592 <-> SERVER-WEBAPP SaltStack pillar_roots directory traversal attempt
* 1:58593 <-> SERVER-WEBAPP SaltStack pillar_roots directory traversal attempt
* 1:58594 <-> SERVER-WEBAPP SaltStack pillar_roots directory traversal attempt
* 1:58595 <-> SERVER-WEBAPP OpenEMR backup.php command injection attempt
* 1:58596 <-> SERVER-WEBAPP OpenEMR backup.php command injection attempt
* 1:58605 <-> SERVER-WEBAPP Citrix StoreFront Server XML external entity injection attempt
* 1:58606 <-> SERVER-WEBAPP SAP NetWeaver AS JAVA CRM log injection attempt
* 1:58607 <-> SERVER-WEBAPP SAP NetWeaver AS JAVA CRM log injection attempt
* 1:58608 <-> SERVER-WEBAPP SAP NetWeaver AS JAVA CRM log injection attempt
* 1:66336 <-> SERVER-WEBAPP FlowiseAI Flowise arbitrary code execution attempt

31150

2026-04-23 13:35:22 UTC

Snort Subscriber Rules Update

Date: 2026-04-22-001

This is the complete list of rules modified and added in the Cisco Talos Certified rule pack for Snort version 3.1.15.0.

The format of the file is:

gid:sid <-> Message

New Rules:

* 1:66354 <-> SERVER-WEBAPP WordPress SEO Plugin SQL injection attempt
* 1:66355 <-> SERVER-WEBAPP WordPress SEO Plugin SQL injection attempt
* 1:66356 <-> SERVER-WEBAPP WordPress SEO Plugin SQL injection attempt
* 1:66357 <-> SERVER-WEBAPP WordPress My Calendar Plugin SQL injection attempt
* 1:66358 <-> SERVER-WEBAPP WordPress My Calendar Plugin SQL injection attempt
* 1:66359 <-> SERVER-WEBAPP WordPress My Calendar Plugin SQL injection attempt
* 1:66360 <-> SERVER-WEBAPP WordPress WP Statistics Plugin SQL injection attempt
* 1:66361 <-> SERVER-WEBAPP WordPress WP Statistics Plugin SQL injection attempt
* 1:66362 <-> SERVER-WEBAPP WordPress WP Statistics Plugin SQL injection attempt
* 1:66363 <-> SERVER-WEBAPP WordPress Photo Gallery Plugin SQL injection attempt
* 1:66364 <-> SERVER-WEBAPP WordPress Photo Gallery Plugin SQL injection attempt
* 1:66365 <-> SERVER-WEBAPP WordPress Photo Gallery Plugin SQL injection attempt
* 1:66366 <-> SERVER-WEBAPP Arcserve UDP ASNative.dll denial of service attempt
* 1:66367 <-> SERVER-WEBAPP Kentico Xperience webshell upload attempt
* 1:66368 <-> SERVER-WEBAPP SonicWall GMS SQL injection attempt
* 1:66369 <-> SERVER-WEBAPP SonicWall GMS SQL injection attempt
* 1:66370 <-> SERVER-WEBAPP SonicWall GMS SQL injection attempt
* 1:66371 <-> SERVER-WEBAPP Netgear ProSAFE NMS300 SQL injection attempt
* 1:66372 <-> SERVER-WEBAPP Netgear ProSAFE NMS300 SQL injection attempt
* 1:66373 <-> SERVER-WEBAPP Netgear ProSAFE NMS300 SQL injection attempt
* 1:66374 <-> SERVER-WEBAPP Yawave WordPress Plugin SQL injection attempt
* 1:66375 <-> SERVER-WEBAPP Yawave WordPress Plugin SQL injection attempt
* 1:66376 <-> SERVER-WEBAPP Yawave WordPress Plugin SQL injection attempt
* 3:66377 <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2026-2379 attack attempt
* 3:66378 <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2026-2379 attack attempt
* 3:66379 <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2026-2379 attack attempt
* 3:66380 <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2026-2379 attack attempt

Modified Rules:

* 1:53688 <-> SERVER-WEBAPP Adobe Experience Manager server side request forgery attempt
* 1:53733 <-> SERVER-WEBAPP IBM Data Risk Manager directory traversal attempt
* 1:53734 <-> SERVER-WEBAPP IBM Data Risk Manager nmap scan command execution attempt
* 1:53857 <-> SERVER-WEBAPP Grandstream UCM6202 series SQL injection attempt
* 1:53858 <-> SERVER-WEBAPP Grandstream UCM6202 series SQL injection attempt
* 1:53859 <-> SERVER-WEBAPP Grandstream UCM6202 series SQL injection attempt
* 1:53860 <-> SERVER-WEBAPP Centurylink router unauthenticated administrator account disable attempt
* 1:53967 <-> SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt
* 1:53968 <-> SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt
* 1:53969 <-> SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt
* 1:53970 <-> SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt
* 1:54003 <-> SERVER-WEBAPP Axway SecureTransport XML external entity injection attempt
* 1:54012 <-> SERVER-WEBAPP ASUS ASUSWRT appGet.cgi command injection attempt
* 1:54195 <-> SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt
* 1:54196 <-> SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt
* 1:54197 <-> SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt
* 1:54198 <-> SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt
* 1:54272 <-> SERVER-WEBAPP Centreon Monitoring tool command injection attempt
* 1:54273 <-> SERVER-WEBAPP Centreon Monitoring tool command injection attempt
* 1:54405 <-> SERVER-WEBAPP PHP php_strip_tags_ex function out-of-bounds read attempt
* 1:54462 <-> SERVER-WEBAPP F5 BIG-IP Traffic Management User Interface remote code execution attempt
* 1:54484 <-> SERVER-WEBAPP F5 BIG-IP Traffic Management User Interface remote code execution attempt
* 1:54511 <-> SERVER-WEBAPP Microsoft Windows .NET API XML unsafe deserialization attempt
* 1:54556 <-> SERVER-WEBAPP BSA Radar local file inclusion attempt
* 1:54558 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54559 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54565 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54566 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54567 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54569 <-> SERVER-WEBAPP Barangay Management System SQL injection attempt
* 1:54570 <-> SERVER-WEBAPP Barangay Management System SQL injection attempt
* 1:54596 <-> SERVER-WEBAPP WordPress bbPress plugin unauthenticated privilege escalation attempt
* 1:54597 <-> SERVER-WEBAPP WordPress bbPress plugin unauthenticated privilege escalation attempt
* 1:54602 <-> SERVER-WEBAPP Laravel Framework PendingCommand arbitrary command execution attempt
* 1:54603 <-> SERVER-WEBAPP Laravel Framework PendingCommand arbitrary command execution attempt
* 1:54617 <-> SERVER-WEBAPP GeoVision Door Access Control hidden url access attempt
* 1:54629 <-> SERVER-WEBAPP Microsoft Windows .NET API XML unsafe deserialization attempt
* 1:54649 <-> SERVER-WEBAPP Apache Kylin REST API migrate command injection attempt
* 1:54650 <-> SERVER-WEBAPP Apache Kylin REST API migrate command injection attempt
* 1:54670 <-> SERVER-WEBAPP Rockwell FactoryTalk View SE project list disclosure attempt
* 1:54671 <-> SERVER-WEBAPP Rockwell FactoryTalk View SE project information disclosure attempt
* 1:54672 <-> SERVER-WEBAPP Rockwell FactoryTalk View SE remote code execution attempt
* 1:54674 <-> SERVER-WEBAPP Rockwell FactoryTalk View SE remote project copy attempt
* 1:54684 <-> SERVER-WEBAPP Microsoft Windows .NET API XML unsafe deserialization attempt
* 1:54767 <-> SERVER-WEBAPP vBulletin template rendering arbitrary PHP code execution attempt
* 1:54768 <-> SERVER-WEBAPP vBulletin template rendering arbitrary PHP code execution attempt
* 1:54794 <-> SERVER-WEBAPP Zeroshell Linux Router command injection attempt
* 1:54795 <-> SERVER-WEBAPP Zeroshell Linux Router command injection attempt
* 1:54796 <-> SERVER-WEBAPP Zeroshell Linux Router command injection attempt
* 1:54797 <-> SERVER-WEBAPP Zeroshell Linux Router command injection attempt
* 1:54824 <-> SERVER-WEBAPP Intellian Aptus Web arbitrary command execution attempt
* 1:55778 <-> SERVER-WEBAPP Wordpress File Manager plugin elFinder remote code execution attempt
* 1:55797 <-> SERVER-WEBAPP Wordpress plugin WP Database Reset database reset attempt
* 1:55823 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:55824 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:55825 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:55826 <-> SERVER-WEBAPP Microsoft Exchange Server DlpUtils remote code execution attempt
* 1:55827 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet multiple functions SQL injection attempt
* 1:55828 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet multiple functions SQL injection attempt
* 1:55829 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet multiple functions SQL injection attempt
* 1:55834 <-> SERVER-WEBAPP Wordpress Nexos theme cross site scripting attempt
* 1:55835 <-> SERVER-WEBAPP Wordpress Nexos theme cross site scripting attempt
* 1:55836 <-> SERVER-WEBAPP Wordpress Nexos theme SQL injection attempt
* 1:55837 <-> SERVER-WEBAPP Wordpress Nexos theme SQL injection attempt
* 1:55838 <-> SERVER-WEBAPP Wordpress Nexos theme SQL injection attempt
* 1:55839 <-> SERVER-WEBAPP Multiple products DVR admin password leak attempt
* 1:55918 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:55919 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:55920 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:55921 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:55981 <-> SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 command injection attempt
* 1:56005 <-> SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 SQL injection attempt
* 1:56006 <-> SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 SQL injection attempt
* 1:56007 <-> SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 SQL injection attempt
* 1:56082 <-> SERVER-WEBAPP Wordpress WP Database Backup plug-in command injection attempt
* 1:56083 <-> SERVER-WEBAPP Wordpress WP Database Backup plug-in command injection attempt
* 1:56135 <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt
* 1:56136 <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt
* 1:56138 <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt
* 1:56154 <-> SERVER-WEBAPP MobileIron Core & Connector remote code execution attempt
* 1:56155 <-> SERVER-WEBAPP MobileIron Core & Connector remote code execution attempt
* 1:56162 <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt
* 1:56200 <-> SERVER-WEBAPP Oracle WebLogic Server command injection attempt
* 1:56201 <-> SERVER-WEBAPP Oracle WebLogic Server command injection attempt
* 1:56202 <-> SERVER-WEBAPP Oracle WebLogic Server command injection attempt
* 1:56203 <-> SERVER-WEBAPP Oracle WebLogic Server command injection attempt
* 1:56304 <-> SERVER-WEBAPP Microsoft SharePoint remote code execution attempt
* 1:56305 <-> SERVER-WEBAPP Microsoft SharePoint remote code execution attempt
* 1:56404 <-> SERVER-WEBAPP Cisco Security Manager XmpFileUploadServlet arbitrary JSP file upload attempt
* 1:56405 <-> SERVER-WEBAPP Cisco Security Manager XmpFileUploadServlet directory traversal attempt
* 1:56414 <-> SERVER-WEBAPP Cisco Security Manager XmpFileDownloadServlet directory traversal attempt
* 1:56415 <-> SERVER-WEBAPP Cisco Security Manager XmpFileDownloadServlet directory traversal attempt
* 1:56416 <-> SERVER-WEBAPP Cisco Security Manager XmpFileDownloadServlet directory traversal attempt
* 1:56417 <-> SERVER-WEBAPP Cisco Security Manager SampleFileDownloadServlet directory traversal attempt
* 1:56418 <-> SERVER-WEBAPP Cisco Security Manager SampleFileDownloadServlet directory traversal attempt
* 1:56419 <-> SERVER-WEBAPP Cisco Security Manager SampleFileDownloadServlet directory traversal attempt
* 1:56420 <-> SERVER-WEBAPP Cisco Security Manager resultsFrame directory traversal attempt
* 1:56421 <-> SERVER-WEBAPP Cisco Security Manager resultsFrame directory traversal attempt
* 1:56422 <-> SERVER-WEBAPP Cisco Security Manager resultsFrame directory traversal attempt
* 1:56423 <-> SERVER-WEBAPP Cisco Security Manager xdmProxy directory traversal attempt
* 1:56432 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:56433 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:56434 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:56435 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:56497 <-> SERVER-WEBAPP Multiple Products Java Faces ViewState deserialization remote code execution attempt
* 1:56519 <-> SERVER-WEBAPP WordPress plugin Autoptimize arbitrary PHP file upload attempt
* 1:56520 <-> SERVER-WEBAPP QNAP QTS and Photo Station directory traversal attempt
* 1:56521 <-> SERVER-WEBAPP QNAP QTS and Photo Station directory traversal attempt
* 1:56522 <-> SERVER-WEBAPP QNAP QTS and Photo Station directory traversal attempt
* 1:56523 <-> SERVER-WEBAPP Joomla Core Featured Article SQL injection attempt
* 1:56524 <-> SERVER-WEBAPP Joomla Core Featured Article SQL injection attempt
* 1:56525 <-> SERVER-WEBAPP Joomla Core Featured Article SQL injection attempt
* 1:56532 <-> SERVER-WEBAPP Advantech WebAccess NMS directory traversal attempt
* 1:56533 <-> SERVER-WEBAPP Advantech WebAccess NMS directory traversal attempt
* 1:56534 <-> SERVER-WEBAPP Advantech WebAccess NMS directory traversal attempt
* 1:56545 <-> SERVER-WEBAPP rConfig commands.inc.php SQL injection attempt
* 1:56550 <-> SERVER-WEBAPP Ruckus IoT Controller Web UI authentication bypass attempt
* 1:56551 <-> SERVER-WEBAPP  Ruckus IoT Controller Web UI OS username command injection attempt
* 1:56557 <-> SERVER-WEBAPP Microsoft Dynamics365 Finance and Operations remote code execution attempt
* 1:56558 <-> SERVER-WEBAPP Microsoft Dynamics365 Finance and Operations remote code execution attempt
* 1:56586 <-> SERVER-WEBAPP Zoho ManageEngine ServiceDesk Plus arbitrary JSP file upload attempt
* 1:56604 <-> SERVER-WEBAPP Microsoft Dynamics NAV remote code execution attempt
* 1:56624 <-> SERVER-WEBAPP rConfig command injection attempt
* 1:56625 <-> SERVER-WEBAPP rConfig command injection attempt
* 1:56626 <-> SERVER-WEBAPP rConfig command injection attempt
* 1:56627 <-> SERVER-WEBAPP rConfig command injection attempt
* 1:56799 <-> SERVER-WEBAPP Liferay arbitrary Java object deserialization attempt
* 1:56800 <-> SERVER-WEBAPP Liferay arbitrary Java object deserialization attempt
* 1:56823 <-> SERVER-WEBAPP Citrix CakePHP command injection attempt
* 1:56824 <-> SERVER-WEBAPP Citrix CakePHP command injection attempt
* 1:56826 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56827 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56828 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56829 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56830 <-> SERVER-WEBAPP WordPress Adning Advertising plugin arbitrary PHP file upload attempt
* 1:56831 <-> SERVER-WEBAPP WordPress Adning Advertising plugin arbitrary PHP file upload attempt
* 1:56877 <-> SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt
* 1:56878 <-> SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt
* 1:56879 <-> SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt
* 1:56880 <-> SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt
* 1:56916 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56917 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56934 <-> SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt
* 1:56935 <-> SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt
* 1:56936 <-> SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt
* 1:56937 <-> SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt
* 1:56990 <-> SERVER-WEBAPP Apache Unomi OGNL MVEL2 remote command execution attempt
* 1:57002 <-> SERVER-WEBAPP Belkin Wemo UPnP cross site scripting attempt
* 1:57048 <-> SERVER-WEBAPP SaltStack Salt API SSH Client command injection attempt
* 1:57049 <-> SERVER-WEBAPP SaltStack Salt API SSH Client command injection attempt
* 1:57072 <-> SERVER-WEBAPP Cisco RV Series Routers directory traversal attempt
* 1:57074 <-> SERVER-WEBAPP Cisco RV Series Routers directory traversal attempt
* 1:57075 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57076 <-> SERVER-WEBAPP Cisco RV Series Routers command injection attempt
* 1:57078 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57079 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57080 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57081 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57082 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57084 <-> SERVER-WEBAPP Cisco RV series routers command injection attempt
* 1:57085 <-> SERVER-WEBAPP Cisco RV series routers command injection attempt
* 1:57086 <-> SERVER-WEBAPP Cisco RV Series routers command injection attempt
* 1:57088 <-> SERVER-WEBAPP Cisco Small Business RV Series routers command injection attempt
* 1:57089 <-> SERVER-WEBAPP Cisco Small Business RV Series routers command injection attempt
* 1:57095 <-> SERVER-WEBAPP Cisco RV Series routers command injection attempt
* 1:57096 <-> SERVER-WEBAPP Cisco RV Series routers command injection attempt
* 1:57098 <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt
* 1:57099 <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt
* 1:57100 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57101 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57102 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57105 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57109 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57110 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57113 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57114 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57126 <-> SERVER-WEBAPP Monstra CMS cross-site scripting attempt
* 1:57127 <-> SERVER-WEBAPP Monstra CMS cross-site scripting attempt
* 1:57158 <-> SERVER-WEBAPP Oracle WebLogic consolejndi remote code execution attempt
* 1:57159 <-> SERVER-WEBAPP Oracle WebLogic consolejndi remote code execution attempt
* 1:57176 <-> SERVER-WEBAPP MikroTik RouterOS buffer overflow attempt
* 1:57177 <-> SERVER-WEBAPP MikroTik RouterOS buffer overflow attempt
* 1:57178 <-> SERVER-WEBAPP Monstra CMS registration form cross site scripting attempt
* 1:57179 <-> SERVER-WEBAPP Monstra CMS registration form cross site scripting attempt
* 1:57182 <-> SERVER-WEBAPP VMware administrative configurator component command injection attempt
* 1:57183 <-> SERVER-WEBAPP VMware administrative configurator component command injection attempt
* 1:57184 <-> SERVER-WEBAPP VMware administrative configurator component command injection attempt
* 1:57185 <-> SERVER-WEBAPP VMware administrative configurator component command injection attempt
* 1:57188 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center arbitrary Java object deserialization attempt
* 1:57224 <-> SERVER-WEBAPP Trend Micro Control Manager directory traversal attempt
* 1:57225 <-> SERVER-WEBAPP Trend Micro Control Manager directory traversal attempt
* 1:57226 <-> SERVER-WEBAPP Trend Micro Control Manager directory traversal attempt
* 1:57229 <-> SERVER-WEBAPP VMware vSphere Client vROPs plugin remote code execution attempt
* 1:57241 <-> SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt
* 1:57242 <-> SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt
* 1:57243 <-> SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt
* 1:57244 <-> SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt
* 1:57245 <-> SERVER-WEBAPP Microsoft Exchange Server arbitrary file write attempt
* 1:57246 <-> SERVER-WEBAPP Microsoft Exchange Server arbitrary file write attempt
* 1:57275 <-> SERVER-WEBAPP ysoserial TypeConfuseDelegate deserialization exploit attempt
* 1:57276 <-> SERVER-WEBAPP Microsoft SharePoint potential deserialization attempt
* 1:57283 <-> SERVER-WEBAPP Liferay arbitrary Java object deserialization attempt
* 1:57298 <-> SERVER-WEBAPP F5 iControl REST interface command injection attempt
* 1:57324 <-> SERVER-WEBAPP Netis WF2419 router command injection attempt
* 1:57325 <-> SERVER-WEBAPP Netis WF2419 router command injection attempt
* 1:57326 <-> SERVER-WEBAPP Netis WF2419 router command injection attempt
* 1:57327 <-> SERVER-WEBAPP Netis WF2419 router command injection attempt
* 1:57328 <-> SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt
* 1:57329 <-> SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt
* 1:57330 <-> SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt
* 1:57331 <-> SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt
* 1:57332 <-> SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt
* 1:57333 <-> SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt
* 1:57334 <-> SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt
* 1:57335 <-> SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt
* 1:57337 <-> SERVER-WEBAPP F5 iControl REST interface ssrf attempt
* 1:57389 <-> SERVER-WEBAPP Advantech iView DeviceTreeTable directory traversal attempt
* 1:57390 <-> SERVER-WEBAPP Advantech iView DeviceTreeTable directory traversal attempt
* 1:57391 <-> SERVER-WEBAPP Advantech iView DeviceTreeTable directory traversal attempt
* 1:57406 <-> SERVER-WEBAPP Palo Alto Networks management interface command injection attempt
* 1:57407 <-> SERVER-WEBAPP Palo Alto Networks management interface command injection attempt
* 1:57408 <-> SERVER-WEBAPP Palo Alto Networks management interface command injection attempt
* 1:57409 <-> SERVER-WEBAPP Palo Alto Networks management interface command injection attempt
* 1:57412 <-> SERVER-WEBAPP Nagios XI do_update_user SQL injection attempt
* 1:57413 <-> SERVER-WEBAPP Nagios XI do_update_user SQL injection attempt
* 1:57426 <-> SERVER-WEBAPP Zend and laminas-http frameworks streamName PHP object injection attempt
* 1:57434 <-> SERVER-WEBAPP VMware vRealize Operations Manager directory traversal attempt
* 1:57435 <-> SERVER-WEBAPP VMware vRealize Operations Manager SSRF attempt
* 1:57436 <-> SERVER-WEBAPP VMware View Planner logupload directory traversal attempt
* 1:57437 <-> SERVER-WEBAPP VMware View Planner logupload directory traversal attempt
* 1:57438 <-> SERVER-WEBAPP VMware View Planner logupload arbitrary file upload attempt
* 1:57439 <-> SERVER-WEBAPP VMware View Planner logupload arbitrary file upload attempt
* 1:57442 <-> SERVER-WEBAPP Terramaster TOS command injection attempt
* 1:57443 <-> SERVER-WEBAPP Terramaster TOS command injection attempt
* 1:57444 <-> SERVER-WEBAPP Terramaster TOS command injection attempt
* 1:57445 <-> SERVER-WEBAPP Terramaster TOS command injection attempt
* 1:57449 <-> SERVER-WEBAPP F5 TMM crafted IPv6 URI buffer overflow attempt
* 1:57453 <-> SERVER-WEBAPP Pulse Connect Secure remote code execution attempt
* 1:57481 <-> SERVER-WEBAPP ManageEngine OpManager directory traversal attempt
* 1:57482 <-> SERVER-WEBAPP ManageEngine OpManager directory traversal attempt
* 1:57483 <-> SERVER-WEBAPP ManageEngine OpManager directory traversal attempt
* 1:57487 <-> SERVER-WEBAPP Microsoft Exchange MeetingHandler remote code execution attempt
* 1:57490 <-> SERVER-WEBAPP Klog Server authenticate.php user command injection attempt
* 1:57491 <-> SERVER-WEBAPP Klog Server authenticate.php user command injection attempt
* 1:57492 <-> SERVER-WEBAPP Klog Server authenticate.php user command injection attempt
* 1:57493 <-> SERVER-WEBAPP Klog Server authenticate.php user command injection attempt
* 1:57494 <-> SERVER-WEBAPP Micro Focus Operations Bridge Manager remote code execution attempt
* 1:57500 <-> SERVER-WEBAPP HPE Intelligent Management Center IccSelectDevTypeBean Expression Language Injection Java expression language injection attempt
* 1:57511 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57512 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57513 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57514 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57515 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57516 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57517 <-> SERVER-WEBAPP Serendipity index.php SQL injection attempt
* 1:57518 <-> SERVER-WEBAPP Serendipity index.php SQL injection attempt
* 1:57519 <-> SERVER-WEBAPP Serendipity index.php SQL injection attempt
* 1:57548 <-> SERVER-WEBAPP Microsoft SharePoint authenticated remote code execution attempt
* 1:57570 <-> SERVER-WEBAPP WordPRess DZS Video Gallery directory traversal attempt
* 1:57571 <-> SERVER-WEBAPP WordPRess DZS Video Gallery directory traversal attempt
* 1:57572 <-> SERVER-WEBAPP WordPRess DZS Video Gallery directory traversal attempt
* 1:57573 <-> SERVER-WEBAPP WordPress DZS Video Gallery remote file include attempt
* 1:57574 <-> SERVER-WEBAPP WordPress DZS Video Gallery remote file include attempt
* 1:57720 <-> SERVER-WEBAPP VMWare vSphere Client remote code execution attempt
* 1:57761 <-> SERVER-WEBAPP TP-Link WiFi router authenticated PingIframeRpm stack buffer overflow attempt
* 1:57762 <-> SERVER-WEBAPP TP-Link WiFi router authenticated WanStaticIpV6CfgRpm stack buffer overflow attempt
* 1:57809 <-> SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt
* 1:57810 <-> SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt
* 1:57811 <-> SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt
* 1:57812 <-> SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt
* 1:57834 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center remote code execution attempt
* 1:57841 <-> SERVER-WEBAPP Nagios Fusion command injection attempt
* 1:57856 <-> SERVER-WEBAPP Cisco ASA cross site scripting attempt
* 1:57857 <-> SERVER-WEBAPP Cisco ASA cross site scripting attempt
* 1:57860 <-> SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt
* 1:57861 <-> SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt
* 1:57862 <-> SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt
* 1:57863 <-> SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt
* 1:57872 <-> SERVER-WEBAPP Facade Ignition remote code execution attempt
* 1:57902 <-> SERVER-WEBAPP HPE Systems Insight Manager remote code execution attempt
* 1:57906 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:57907 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:57908 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:57909 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:57910 <-> SERVER-WEBAPP Microsoft SharePoint Server authenticated remote code execution attempt
* 1:57911 <-> SERVER-WEBAPP Nagios XI monitoringplugins.php command injection attempt
* 1:57912 <-> SERVER-WEBAPP ForgeRock Open Access Manager remote code execution attempt
* 1:57913 <-> SERVER-WEBAPP ForgeRock Open Access Manager remote code execution attempt
* 1:57954 <-> SERVER-WEBAPP Velocloud VMware SD-WAN Orchestrator SQL injection attempt
* 1:57983 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:58018 <-> SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt
* 1:58019 <-> SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt
* 1:58020 <-> SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt
* 1:58021 <-> SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt
* 1:58026 <-> SERVER-WEBAPP Zoho ManageEngine OpManager OPMDeviceDetailsServlet SQL injection attempt
* 1:58027 <-> SERVER-WEBAPP Zoho ManageEngine OpManager OPMDeviceDetailsServlet SQL injection attempt
* 1:58028 <-> SERVER-WEBAPP Zoho ManageEngine OpManager OPMDeviceDetailsServlet SQL injection attempt
* 1:58042 <-> SERVER-WEBAPP Serv-U FTP Server stored cross site scripting attempt
* 1:58043 <-> SERVER-WEBAPP Serv-U FTP Server stored cross site scripting attempt
* 1:58052 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58053 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58054 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58055 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58056 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58057 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58058 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58059 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58063 <-> SERVER-WEBAPP Kentico CMS unsafe deserialization remote code execution attempt
* 1:58064 <-> SERVER-WEBAPP Kentico CMS unsafe deserialization remote code execution attempt
* 1:58067 <-> SERVER-WEBAPP Apache Flink FileUploadHandler directory traversal attempt
* 1:58068 <-> SERVER-WEBAPP Apache Flink FileUploadHandler directory traversal attempt
* 1:58069 <-> SERVER-WEBAPP Apache Flink FileUploadHandler directory traversal attempt
* 1:58093 <-> SERVER-WEBAPP Atlassian Confluence OGNL injection remote code execution attempt
* 1:58094 <-> SERVER-WEBAPP Atlassian Confluence OGNL injection remote code execution attempt
* 1:58111 <-> SERVER-WEBAPP Microsoft SharePoint remote code execution attempt
* 1:58112 <-> SERVER-WEBAPP Microsoft SharePoint remote code execution attempt
* 1:58113 <-> SERVER-WEBAPP Microsoft SharePoint machinekey information disclosure attempt
* 1:58169 <-> SERVER-WEBAPP Microsoft Windows Open Management Infrastructure remote code execution attempt
* 1:58170 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt
* 1:58171 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt
* 1:58172 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt
* 1:58173 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt
* 1:58201 <-> SERVER-WEBAPP Zoho ManageEngine ADSelfService Plus RestAPI authentication bypass attempt
* 1:58217 <-> SERVER-WEBAPP VMware vCenter Server remote code execution attempt
* 1:58218 <-> SERVER-WEBAPP VMware vCenter Server file upload attempt
* 1:58219 <-> SERVER-WEBAPP VMware vCenter Server file upload attempt
* 1:58224 <-> SERVER-WEBAPP SonicWall SMA100 SQL injection attempt
* 1:58225 <-> SERVER-WEBAPP SonicWall SMA100 SQL injection attempt
* 1:58226 <-> SERVER-WEBAPP SonicWall SMA100 SQL injection attempt
* 1:58227 <-> SERVER-WEBAPP Dell EMC Virtual Appliance Manager undocumented credential use attempt
* 1:58230 <-> SERVER-WEBAPP QNAP NAS Malware Remover directory traversal attempt
* 1:58231 <-> SERVER-WEBAPP QNAP NAS Malware Remover directory traversal attempt
* 1:58232 <-> SERVER-WEBAPP QNAP NAS Malware Remover directory traversal attempt
* 1:58242 <-> SERVER-WEBAPP Sophos XG Firewall SQL injection attempt
* 1:58245 <-> SERVER-WEBAPP UDP Technology IP Camera command injection attempt
* 1:58246 <-> SERVER-WEBAPP UDP Technology IP Camera command injection attempt
* 1:58247 <-> SERVER-WEBAPP UDP Technology IP Camera command injection attempt
* 1:58248 <-> SERVER-WEBAPP UDP Technology IP Camera command injection attempt
* 1:58249 <-> SERVER-WEBAPP Microsoft Exchange server security feature bypass attempt
* 1:58260 <-> SERVER-WEBAPP AlienVault Unified Security Management SQL injection attempt
* 1:58261 <-> SERVER-WEBAPP AlienVault Unified Security Management SQL injection attempt
* 1:58262 <-> SERVER-WEBAPP AlienVault Unified Security Management SQL injection attempt
* 1:58263 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58264 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58265 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58266 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58267 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58268 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58269 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:58270 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:58271 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:58272 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:58273 <-> SERVER-WEBAPP QNAP HBS 3 authorization bypass attempt
* 1:58274 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center faultDevParasSet expression language injection attempt
* 1:58275 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center faultDevParasSet expression language injection attempt
* 1:58282 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center perfAddFormServer Java expression language injection attempt
* 1:58283 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center perfSelItemServer Java expression language injection attempt
* 1:58284 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center FileUploadServlet Unrestricted arbitrary JSP file upload attempt
* 1:58285 <-> SERVER-WEBAPP Trend Micro Control Manager ProductTree_RightWindow XML external entity injection attempt
* 1:58290 <-> SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt
* 1:58291 <-> SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt
* 1:58292 <-> SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt
* 1:58293 <-> SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt
* 1:58315 <-> SERVER-WEBAPP Microsoft SharePoint Server remote code execution attempt
* 1:58316 <-> SERVER-WEBAPP Microsoft SharePoint Server remote code execution attempt
* 1:58318 <-> SERVER-WEBAPP Microsoft SharePoint Server remote code execution attempt
* 1:58320 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formChangePass username SQL injection attempt
* 1:58321 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formChangePass username SQL injection attempt
* 1:58322 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formChangePass username SQL injection attempt
* 1:58323 <-> SERVER-WEBAPP Advantech WebAccess Node Quality ItemGroupIdAry SQL injection attempt
* 1:58324 <-> SERVER-WEBAPP Advantech WebAccess Node Quality ItemGroupIdAry SQL injection attempt
* 1:58325 <-> SERVER-WEBAPP Advantech WebAccess Node Quality ItemGroupIdAry SQL injection attempt
* 1:58326 <-> SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt
* 1:58327 <-> SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt
* 1:58328 <-> SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt
* 1:58329 <-> SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt
* 1:58330 <-> SERVER-WEBAPP Advantech WebAccess Node controlNode bnid SQL injection attempt
* 1:58331 <-> SERVER-WEBAPP Advantech WebAccess Node controlNode bnid SQL injection attempt
* 1:58332 <-> SERVER-WEBAPP Advantech WebAccess Node controlNode bnid SQL injection attempt
* 1:58333 <-> SERVER-WEBAPP Trend Micro Control Manager DeploymentPlan_Event_Handler XML external entity injection attempt
* 1:58337 <-> SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt
* 1:58338 <-> SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt
* 1:58339 <-> SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt
* 1:58340 <-> SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt
* 1:58341 <-> SERVER-WEBAPP PHPMyAdmin SearchController SQL injection attempt
* 1:58342 <-> SERVER-WEBAPP PHPMyAdmin SearchController SQL injection attempt
* 1:58343 <-> SERVER-WEBAPP PHPMyAdmin SearchController SQL injection attempt
* 1:58352 <-> SERVER-WEBAPP GE MDS PulseNET IntegrationXMLProcessorServlet UpdateProblemTickets XML external entity injection attempt
* 1:58353 <-> SERVER-WEBAPP Advantech WebAccess Node Quality_Reg ItemIdAry SQL injection attempt
* 1:58355 <-> SERVER-WEBAPP GE MDS PulseNET HealthCheck arbitrary Java object deserialization attempt
* 1:58362 <-> SERVER-WEBAPP Advantech WebAccess Node BWSCADASoap ProjectName SQL injection attempt
* 1:58375 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center iccSelectCommand expression language injection attempt
* 1:58376 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center iccSelectCommand expression language injection attempt
* 1:58377 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center eventInfo_content expression language injection attempt
* 1:58378 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center eventInfo_content expression language injection attempt
* 1:58379 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center devSoftSel Java expression language injection attempt
* 1:58380 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center devSoftSel Java expression language injection attempt
* 1:58381 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formConfiguration saveValue SQL injection attempt
* 1:58382 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formConfiguration saveValue SQL injection attempt
* 1:58383 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formConfiguration saveValue SQL injection attempt
* 1:58384 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center operationSelect Java expression language injection attempt
* 1:58385 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center operationSelect Java expression language injection attempt
* 1:58388 <-> SERVER-WEBAPP ARRIS VAP2500 config_wds command injection attempt
* 1:58396 <-> SERVER-WEBAPP Nagios XI PHP file injection attempt
* 1:58397 <-> SERVER-WEBAPP Nagios XI PHP file injection attempt
* 1:58398 <-> SERVER-WEBAPP Nagios XI PHP file injection attempt
* 1:58399 <-> SERVER-WEBAPP Nagios XI directory traversal attempt
* 1:58400 <-> SERVER-WEBAPP Nagios XI directory traversal attempt
* 1:58401 <-> SERVER-WEBAPP Nagios XI directory traversal attempt
* 1:58403 <-> SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt
* 1:58404 <-> SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt
* 1:58405 <-> SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt
* 1:58406 <-> SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt
* 1:58407 <-> SERVER-WEBAPP Nagios XI bulk modification tool SQL injection attempt
* 1:58408 <-> SERVER-WEBAPP Nagios XI bulk modification tool SQL injection attempt
* 1:58409 <-> SERVER-WEBAPP Nagios XI bulk modification tool SQL injection attempt
* 1:58410 <-> SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt
* 1:58411 <-> SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt
* 1:58412 <-> SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt
* 1:58413 <-> SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt
* 1:58418 <-> SERVER-WEBAPP ReadyDesk 9.1 OpenAttach2 directory traversal attempt
* 1:58419 <-> SERVER-WEBAPP ReadyDesk 9.1 OpenAttach2 directory traversal attempt
* 1:58420 <-> SERVER-WEBAPP ReadyDesk 9.1 OpenAttach2 directory traversal attempt
* 1:58421 <-> SERVER-WEBAPP BillQuick Web Suite SQL injection attempt
* 1:58422 <-> SERVER-WEBAPP BillQuick Web Suite SQL injection attempt
* 1:58423 <-> SERVER-WEBAPP BillQuick Web Suite SQL injection attempt
* 1:58424 <-> SERVER-WEBAPP Schneider Electric Umotion Builder Virtual Appliance Css directory traversal attempt
* 1:58425 <-> SERVER-WEBAPP Schneider Electric Umotion Builder Virtual Appliance Css directory traversal attempt
* 1:58426 <-> SERVER-WEBAPP Schneider Electric Umotion Builder Virtual Appliance Css directory traversal attempt
* 1:58427 <-> SERVER-WEBAPP Trend Micro Control Manager widget_old_SP1 dlp_policy directory traversal attempt
* 1:58428 <-> SERVER-WEBAPP Trend Micro Control Manager Widget modDLPViolationCntdrildown.php directory traversal attempt
* 1:58454 <-> SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt
* 1:58455 <-> SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt
* 1:58456 <-> SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt
* 1:58457 <-> SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt
* 1:58464 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance File Deletion directory traversal attempt
* 1:58465 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance File Deletion directory traversal attempt
* 1:58466 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance File Deletion directory traversal attempt
* 1:58467 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance directory traversal attempt
* 1:58468 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance directory traversal attempt
* 1:58469 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance directory traversal attempt
* 1:58470 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector Virtual Appliance policy_setting arbitrary PHP file upload attempt
* 1:58471 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:58472 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:58473 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:58475 <-> SERVER-WEBAPP Oracle WebLogic Server DeploymentService directory traversal attempt
* 1:58476 <-> SERVER-WEBAPP Oracle WebLogic Server DeploymentService directory traversal attempt
* 1:58487 <-> SERVER-WEBAPP WordPress Snap Creek Duplicator and Duplicator Pro plugins directory traversal attempt
* 1:58499 <-> SERVER-WEBAPP Zyxel Unified Security Gateway undocumented administrator account login attempt
* 1:58500 <-> SERVER-WEBAPP Zyxel Unified Security Gateway undocumented administrator account login attempt
* 1:58502 <-> SERVER-WEBAPP SonicWall Email Security directory traversal attempt
* 1:58503 <-> SERVER-WEBAPP SonicWall Email Security directory traversal attempt
* 1:58504 <-> SERVER-WEBAPP SonicWall Email Security directory traversal attempt
* 1:58505 <-> SERVER-WEBAPP Tenda Router command injection attempt
* 1:58506 <-> SERVER-WEBAPP Tenda Router command injection attempt
* 1:58507 <-> SERVER-WEBAPP Tenda Router command injection attempt
* 1:58508 <-> SERVER-WEBAPP Tenda Router command injection attempt
* 1:58509 <-> SERVER-WEBAPP Accellion File Transfer Appliance SQL injection attempt
* 1:58510 <-> SERVER-WEBAPP EyesOfNetwork SQL injection attempt
* 1:58511 <-> SERVER-WEBAPP EyesOfNetwork SQL injection attempt
* 1:58512 <-> SERVER-WEBAPP EyesOfNetwork SQL injection attempt
* 1:58513 <-> SERVER-WEBAPP Advantech WebAccess updateTemplate SQL injection attempt
* 1:58514 <-> SERVER-WEBAPP EyesOfNetwork autodiscovery command injection attempt
* 1:58515 <-> SERVER-WEBAPP EyesOfNetwork autodiscovery command injection attempt
* 1:58517 <-> SERVER-WEBAPP GE MDS PulseNET IntegrationXMLProcessorServlet AlarmActions XML external entity injection attempt
* 1:58521 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center perfInsListServer Java expression language injection attempt
* 1:58522 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php command injection attempt
* 1:58523 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php command injection attempt
* 1:58525 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center directory traversal attempt
* 1:58529 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58530 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58531 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58532 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58533 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58538 <-> SERVER-WEBAPP Arcadyan routers path traversal attempt
* 1:58542 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet EmailMessageDetected SQL injection attempt
* 1:58543 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet EmailMessageDetected SQL injection attempt
* 1:58544 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet EmailMessageDetected SQL injection attempt
* 1:58546 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center TopoBroadcastServlet arbitrary Java object deserialization attempt
* 1:58555 <-> SERVER-WEBAPP Hikvision webLanguage command injection vulnerability
* 1:58562 <-> SERVER-WEBAPP Oracle WebLogic Server remote code execution attempt
* 1:58563 <-> SERVER-WEBAPP GE MDS PulseNET foglight service arbitrary Java object deserialization attempt
* 1:58567 <-> SERVER-WEBAPP Roundcube Webmail file disclosure attempt
* 1:58568 <-> SERVER-WEBAPP Roundcube Webmail file disclosure attempt
* 1:58569 <-> SERVER-WEBAPP Roundcube Webmail file disclosure attempt
* 1:58576 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt
* 1:58577 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt
* 1:58578 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt
* 1:58579 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt
* 1:58588 <-> SERVER-WEBAPP SolarWinds Network Configuration Manager remote file include attempt
* 1:58589 <-> SERVER-WEBAPP SolarWinds Network Configuration Manager remote file include attempt
* 1:58592 <-> SERVER-WEBAPP SaltStack pillar_roots directory traversal attempt
* 1:58593 <-> SERVER-WEBAPP SaltStack pillar_roots directory traversal attempt
* 1:58594 <-> SERVER-WEBAPP SaltStack pillar_roots directory traversal attempt
* 1:58595 <-> SERVER-WEBAPP OpenEMR backup.php command injection attempt
* 1:58596 <-> SERVER-WEBAPP OpenEMR backup.php command injection attempt
* 1:58605 <-> SERVER-WEBAPP Citrix StoreFront Server XML external entity injection attempt
* 1:58606 <-> SERVER-WEBAPP SAP NetWeaver AS JAVA CRM log injection attempt
* 1:58607 <-> SERVER-WEBAPP SAP NetWeaver AS JAVA CRM log injection attempt
* 1:58608 <-> SERVER-WEBAPP SAP NetWeaver AS JAVA CRM log injection attempt
* 1:66336 <-> SERVER-WEBAPP FlowiseAI Flowise arbitrary code execution attempt

31180

2026-04-23 13:35:22 UTC

Snort Subscriber Rules Update

Date: 2026-04-22-001

This is the complete list of rules modified and added in the Cisco Talos Certified rule pack for Snort version 3.1.18.0.

The format of the file is:

gid:sid <-> Message

New Rules:

* 1:66354 <-> SERVER-WEBAPP WordPress SEO Plugin SQL injection attempt
* 1:66355 <-> SERVER-WEBAPP WordPress SEO Plugin SQL injection attempt
* 1:66356 <-> SERVER-WEBAPP WordPress SEO Plugin SQL injection attempt
* 1:66357 <-> SERVER-WEBAPP WordPress My Calendar Plugin SQL injection attempt
* 1:66358 <-> SERVER-WEBAPP WordPress My Calendar Plugin SQL injection attempt
* 1:66359 <-> SERVER-WEBAPP WordPress My Calendar Plugin SQL injection attempt
* 1:66360 <-> SERVER-WEBAPP WordPress WP Statistics Plugin SQL injection attempt
* 1:66361 <-> SERVER-WEBAPP WordPress WP Statistics Plugin SQL injection attempt
* 1:66362 <-> SERVER-WEBAPP WordPress WP Statistics Plugin SQL injection attempt
* 1:66363 <-> SERVER-WEBAPP WordPress Photo Gallery Plugin SQL injection attempt
* 1:66364 <-> SERVER-WEBAPP WordPress Photo Gallery Plugin SQL injection attempt
* 1:66365 <-> SERVER-WEBAPP WordPress Photo Gallery Plugin SQL injection attempt
* 1:66366 <-> SERVER-WEBAPP Arcserve UDP ASNative.dll denial of service attempt
* 1:66367 <-> SERVER-WEBAPP Kentico Xperience webshell upload attempt
* 1:66368 <-> SERVER-WEBAPP SonicWall GMS SQL injection attempt
* 1:66369 <-> SERVER-WEBAPP SonicWall GMS SQL injection attempt
* 1:66370 <-> SERVER-WEBAPP SonicWall GMS SQL injection attempt
* 1:66371 <-> SERVER-WEBAPP Netgear ProSAFE NMS300 SQL injection attempt
* 1:66372 <-> SERVER-WEBAPP Netgear ProSAFE NMS300 SQL injection attempt
* 1:66373 <-> SERVER-WEBAPP Netgear ProSAFE NMS300 SQL injection attempt
* 1:66374 <-> SERVER-WEBAPP Yawave WordPress Plugin SQL injection attempt
* 1:66375 <-> SERVER-WEBAPP Yawave WordPress Plugin SQL injection attempt
* 1:66376 <-> SERVER-WEBAPP Yawave WordPress Plugin SQL injection attempt
* 3:66377 <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2026-2379 attack attempt
* 3:66378 <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2026-2379 attack attempt
* 3:66379 <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2026-2379 attack attempt
* 3:66380 <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2026-2379 attack attempt

Modified Rules:

* 1:53688 <-> SERVER-WEBAPP Adobe Experience Manager server side request forgery attempt
* 1:53733 <-> SERVER-WEBAPP IBM Data Risk Manager directory traversal attempt
* 1:53734 <-> SERVER-WEBAPP IBM Data Risk Manager nmap scan command execution attempt
* 1:53857 <-> SERVER-WEBAPP Grandstream UCM6202 series SQL injection attempt
* 1:53858 <-> SERVER-WEBAPP Grandstream UCM6202 series SQL injection attempt
* 1:53859 <-> SERVER-WEBAPP Grandstream UCM6202 series SQL injection attempt
* 1:53860 <-> SERVER-WEBAPP Centurylink router unauthenticated administrator account disable attempt
* 1:53967 <-> SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt
* 1:53968 <-> SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt
* 1:53969 <-> SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt
* 1:53970 <-> SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt
* 1:54003 <-> SERVER-WEBAPP Axway SecureTransport XML external entity injection attempt
* 1:54012 <-> SERVER-WEBAPP ASUS ASUSWRT appGet.cgi command injection attempt
* 1:54195 <-> SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt
* 1:54196 <-> SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt
* 1:54197 <-> SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt
* 1:54198 <-> SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt
* 1:54272 <-> SERVER-WEBAPP Centreon Monitoring tool command injection attempt
* 1:54273 <-> SERVER-WEBAPP Centreon Monitoring tool command injection attempt
* 1:54405 <-> SERVER-WEBAPP PHP php_strip_tags_ex function out-of-bounds read attempt
* 1:54462 <-> SERVER-WEBAPP F5 BIG-IP Traffic Management User Interface remote code execution attempt
* 1:54484 <-> SERVER-WEBAPP F5 BIG-IP Traffic Management User Interface remote code execution attempt
* 1:54511 <-> SERVER-WEBAPP Microsoft Windows .NET API XML unsafe deserialization attempt
* 1:54556 <-> SERVER-WEBAPP BSA Radar local file inclusion attempt
* 1:54558 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54559 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54565 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54566 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54567 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54569 <-> SERVER-WEBAPP Barangay Management System SQL injection attempt
* 1:54570 <-> SERVER-WEBAPP Barangay Management System SQL injection attempt
* 1:54596 <-> SERVER-WEBAPP WordPress bbPress plugin unauthenticated privilege escalation attempt
* 1:54597 <-> SERVER-WEBAPP WordPress bbPress plugin unauthenticated privilege escalation attempt
* 1:54602 <-> SERVER-WEBAPP Laravel Framework PendingCommand arbitrary command execution attempt
* 1:54603 <-> SERVER-WEBAPP Laravel Framework PendingCommand arbitrary command execution attempt
* 1:54617 <-> SERVER-WEBAPP GeoVision Door Access Control hidden url access attempt
* 1:54629 <-> SERVER-WEBAPP Microsoft Windows .NET API XML unsafe deserialization attempt
* 1:54649 <-> SERVER-WEBAPP Apache Kylin REST API migrate command injection attempt
* 1:54650 <-> SERVER-WEBAPP Apache Kylin REST API migrate command injection attempt
* 1:54670 <-> SERVER-WEBAPP Rockwell FactoryTalk View SE project list disclosure attempt
* 1:54671 <-> SERVER-WEBAPP Rockwell FactoryTalk View SE project information disclosure attempt
* 1:54672 <-> SERVER-WEBAPP Rockwell FactoryTalk View SE remote code execution attempt
* 1:54674 <-> SERVER-WEBAPP Rockwell FactoryTalk View SE remote project copy attempt
* 1:54684 <-> SERVER-WEBAPP Microsoft Windows .NET API XML unsafe deserialization attempt
* 1:54767 <-> SERVER-WEBAPP vBulletin template rendering arbitrary PHP code execution attempt
* 1:54768 <-> SERVER-WEBAPP vBulletin template rendering arbitrary PHP code execution attempt
* 1:54794 <-> SERVER-WEBAPP Zeroshell Linux Router command injection attempt
* 1:54795 <-> SERVER-WEBAPP Zeroshell Linux Router command injection attempt
* 1:54796 <-> SERVER-WEBAPP Zeroshell Linux Router command injection attempt
* 1:54797 <-> SERVER-WEBAPP Zeroshell Linux Router command injection attempt
* 1:54824 <-> SERVER-WEBAPP Intellian Aptus Web arbitrary command execution attempt
* 1:55778 <-> SERVER-WEBAPP Wordpress File Manager plugin elFinder remote code execution attempt
* 1:55797 <-> SERVER-WEBAPP Wordpress plugin WP Database Reset database reset attempt
* 1:55823 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:55824 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:55825 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:55826 <-> SERVER-WEBAPP Microsoft Exchange Server DlpUtils remote code execution attempt
* 1:55827 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet multiple functions SQL injection attempt
* 1:55828 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet multiple functions SQL injection attempt
* 1:55829 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet multiple functions SQL injection attempt
* 1:55834 <-> SERVER-WEBAPP Wordpress Nexos theme cross site scripting attempt
* 1:55835 <-> SERVER-WEBAPP Wordpress Nexos theme cross site scripting attempt
* 1:55836 <-> SERVER-WEBAPP Wordpress Nexos theme SQL injection attempt
* 1:55837 <-> SERVER-WEBAPP Wordpress Nexos theme SQL injection attempt
* 1:55838 <-> SERVER-WEBAPP Wordpress Nexos theme SQL injection attempt
* 1:55839 <-> SERVER-WEBAPP Multiple products DVR admin password leak attempt
* 1:55918 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:55919 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:55920 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:55921 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:55981 <-> SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 command injection attempt
* 1:56005 <-> SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 SQL injection attempt
* 1:56006 <-> SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 SQL injection attempt
* 1:56007 <-> SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 SQL injection attempt
* 1:56082 <-> SERVER-WEBAPP Wordpress WP Database Backup plug-in command injection attempt
* 1:56083 <-> SERVER-WEBAPP Wordpress WP Database Backup plug-in command injection attempt
* 1:56135 <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt
* 1:56136 <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt
* 1:56138 <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt
* 1:56154 <-> SERVER-WEBAPP MobileIron Core & Connector remote code execution attempt
* 1:56155 <-> SERVER-WEBAPP MobileIron Core & Connector remote code execution attempt
* 1:56162 <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt
* 1:56200 <-> SERVER-WEBAPP Oracle WebLogic Server command injection attempt
* 1:56201 <-> SERVER-WEBAPP Oracle WebLogic Server command injection attempt
* 1:56202 <-> SERVER-WEBAPP Oracle WebLogic Server command injection attempt
* 1:56203 <-> SERVER-WEBAPP Oracle WebLogic Server command injection attempt
* 1:56304 <-> SERVER-WEBAPP Microsoft SharePoint remote code execution attempt
* 1:56305 <-> SERVER-WEBAPP Microsoft SharePoint remote code execution attempt
* 1:56404 <-> SERVER-WEBAPP Cisco Security Manager XmpFileUploadServlet arbitrary JSP file upload attempt
* 1:56405 <-> SERVER-WEBAPP Cisco Security Manager XmpFileUploadServlet directory traversal attempt
* 1:56414 <-> SERVER-WEBAPP Cisco Security Manager XmpFileDownloadServlet directory traversal attempt
* 1:56415 <-> SERVER-WEBAPP Cisco Security Manager XmpFileDownloadServlet directory traversal attempt
* 1:56416 <-> SERVER-WEBAPP Cisco Security Manager XmpFileDownloadServlet directory traversal attempt
* 1:56417 <-> SERVER-WEBAPP Cisco Security Manager SampleFileDownloadServlet directory traversal attempt
* 1:56418 <-> SERVER-WEBAPP Cisco Security Manager SampleFileDownloadServlet directory traversal attempt
* 1:56419 <-> SERVER-WEBAPP Cisco Security Manager SampleFileDownloadServlet directory traversal attempt
* 1:56420 <-> SERVER-WEBAPP Cisco Security Manager resultsFrame directory traversal attempt
* 1:56421 <-> SERVER-WEBAPP Cisco Security Manager resultsFrame directory traversal attempt
* 1:56422 <-> SERVER-WEBAPP Cisco Security Manager resultsFrame directory traversal attempt
* 1:56423 <-> SERVER-WEBAPP Cisco Security Manager xdmProxy directory traversal attempt
* 1:56432 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:56433 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:56434 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:56435 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:56497 <-> SERVER-WEBAPP Multiple Products Java Faces ViewState deserialization remote code execution attempt
* 1:56519 <-> SERVER-WEBAPP WordPress plugin Autoptimize arbitrary PHP file upload attempt
* 1:56520 <-> SERVER-WEBAPP QNAP QTS and Photo Station directory traversal attempt
* 1:56521 <-> SERVER-WEBAPP QNAP QTS and Photo Station directory traversal attempt
* 1:56522 <-> SERVER-WEBAPP QNAP QTS and Photo Station directory traversal attempt
* 1:56523 <-> SERVER-WEBAPP Joomla Core Featured Article SQL injection attempt
* 1:56524 <-> SERVER-WEBAPP Joomla Core Featured Article SQL injection attempt
* 1:56525 <-> SERVER-WEBAPP Joomla Core Featured Article SQL injection attempt
* 1:56532 <-> SERVER-WEBAPP Advantech WebAccess NMS directory traversal attempt
* 1:56533 <-> SERVER-WEBAPP Advantech WebAccess NMS directory traversal attempt
* 1:56534 <-> SERVER-WEBAPP Advantech WebAccess NMS directory traversal attempt
* 1:56545 <-> SERVER-WEBAPP rConfig commands.inc.php SQL injection attempt
* 1:56550 <-> SERVER-WEBAPP Ruckus IoT Controller Web UI authentication bypass attempt
* 1:56551 <-> SERVER-WEBAPP  Ruckus IoT Controller Web UI OS username command injection attempt
* 1:56557 <-> SERVER-WEBAPP Microsoft Dynamics365 Finance and Operations remote code execution attempt
* 1:56558 <-> SERVER-WEBAPP Microsoft Dynamics365 Finance and Operations remote code execution attempt
* 1:56586 <-> SERVER-WEBAPP Zoho ManageEngine ServiceDesk Plus arbitrary JSP file upload attempt
* 1:56604 <-> SERVER-WEBAPP Microsoft Dynamics NAV remote code execution attempt
* 1:56624 <-> SERVER-WEBAPP rConfig command injection attempt
* 1:56625 <-> SERVER-WEBAPP rConfig command injection attempt
* 1:56626 <-> SERVER-WEBAPP rConfig command injection attempt
* 1:56627 <-> SERVER-WEBAPP rConfig command injection attempt
* 1:56799 <-> SERVER-WEBAPP Liferay arbitrary Java object deserialization attempt
* 1:56800 <-> SERVER-WEBAPP Liferay arbitrary Java object deserialization attempt
* 1:56823 <-> SERVER-WEBAPP Citrix CakePHP command injection attempt
* 1:56824 <-> SERVER-WEBAPP Citrix CakePHP command injection attempt
* 1:56826 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56827 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56828 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56829 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56830 <-> SERVER-WEBAPP WordPress Adning Advertising plugin arbitrary PHP file upload attempt
* 1:56831 <-> SERVER-WEBAPP WordPress Adning Advertising plugin arbitrary PHP file upload attempt
* 1:56877 <-> SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt
* 1:56878 <-> SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt
* 1:56879 <-> SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt
* 1:56880 <-> SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt
* 1:56916 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56917 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56934 <-> SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt
* 1:56935 <-> SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt
* 1:56936 <-> SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt
* 1:56937 <-> SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt
* 1:56990 <-> SERVER-WEBAPP Apache Unomi OGNL MVEL2 remote command execution attempt
* 1:57002 <-> SERVER-WEBAPP Belkin Wemo UPnP cross site scripting attempt
* 1:57048 <-> SERVER-WEBAPP SaltStack Salt API SSH Client command injection attempt
* 1:57049 <-> SERVER-WEBAPP SaltStack Salt API SSH Client command injection attempt
* 1:57072 <-> SERVER-WEBAPP Cisco RV Series Routers directory traversal attempt
* 1:57074 <-> SERVER-WEBAPP Cisco RV Series Routers directory traversal attempt
* 1:57075 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57076 <-> SERVER-WEBAPP Cisco RV Series Routers command injection attempt
* 1:57078 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57079 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57080 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57081 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57082 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57084 <-> SERVER-WEBAPP Cisco RV series routers command injection attempt
* 1:57085 <-> SERVER-WEBAPP Cisco RV series routers command injection attempt
* 1:57086 <-> SERVER-WEBAPP Cisco RV Series routers command injection attempt
* 1:57088 <-> SERVER-WEBAPP Cisco Small Business RV Series routers command injection attempt
* 1:57089 <-> SERVER-WEBAPP Cisco Small Business RV Series routers command injection attempt
* 1:57095 <-> SERVER-WEBAPP Cisco RV Series routers command injection attempt
* 1:57096 <-> SERVER-WEBAPP Cisco RV Series routers command injection attempt
* 1:57098 <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt
* 1:57099 <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt
* 1:57100 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57101 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57102 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57105 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57109 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57110 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57113 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57114 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57126 <-> SERVER-WEBAPP Monstra CMS cross-site scripting attempt
* 1:57127 <-> SERVER-WEBAPP Monstra CMS cross-site scripting attempt
* 1:57158 <-> SERVER-WEBAPP Oracle WebLogic consolejndi remote code execution attempt
* 1:57159 <-> SERVER-WEBAPP Oracle WebLogic consolejndi remote code execution attempt
* 1:57176 <-> SERVER-WEBAPP MikroTik RouterOS buffer overflow attempt
* 1:57177 <-> SERVER-WEBAPP MikroTik RouterOS buffer overflow attempt
* 1:57178 <-> SERVER-WEBAPP Monstra CMS registration form cross site scripting attempt
* 1:57179 <-> SERVER-WEBAPP Monstra CMS registration form cross site scripting attempt
* 1:57182 <-> SERVER-WEBAPP VMware administrative configurator component command injection attempt
* 1:57183 <-> SERVER-WEBAPP VMware administrative configurator component command injection attempt
* 1:57184 <-> SERVER-WEBAPP VMware administrative configurator component command injection attempt
* 1:57185 <-> SERVER-WEBAPP VMware administrative configurator component command injection attempt
* 1:57188 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center arbitrary Java object deserialization attempt
* 1:57224 <-> SERVER-WEBAPP Trend Micro Control Manager directory traversal attempt
* 1:57225 <-> SERVER-WEBAPP Trend Micro Control Manager directory traversal attempt
* 1:57226 <-> SERVER-WEBAPP Trend Micro Control Manager directory traversal attempt
* 1:57229 <-> SERVER-WEBAPP VMware vSphere Client vROPs plugin remote code execution attempt
* 1:57241 <-> SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt
* 1:57242 <-> SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt
* 1:57243 <-> SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt
* 1:57244 <-> SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt
* 1:57245 <-> SERVER-WEBAPP Microsoft Exchange Server arbitrary file write attempt
* 1:57246 <-> SERVER-WEBAPP Microsoft Exchange Server arbitrary file write attempt
* 1:57275 <-> SERVER-WEBAPP ysoserial TypeConfuseDelegate deserialization exploit attempt
* 1:57276 <-> SERVER-WEBAPP Microsoft SharePoint potential deserialization attempt
* 1:57283 <-> SERVER-WEBAPP Liferay arbitrary Java object deserialization attempt
* 1:57298 <-> SERVER-WEBAPP F5 iControl REST interface command injection attempt
* 1:57324 <-> SERVER-WEBAPP Netis WF2419 router command injection attempt
* 1:57325 <-> SERVER-WEBAPP Netis WF2419 router command injection attempt
* 1:57326 <-> SERVER-WEBAPP Netis WF2419 router command injection attempt
* 1:57327 <-> SERVER-WEBAPP Netis WF2419 router command injection attempt
* 1:57328 <-> SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt
* 1:57329 <-> SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt
* 1:57330 <-> SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt
* 1:57331 <-> SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt
* 1:57332 <-> SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt
* 1:57333 <-> SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt
* 1:57334 <-> SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt
* 1:57335 <-> SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt
* 1:57337 <-> SERVER-WEBAPP F5 iControl REST interface ssrf attempt
* 1:57389 <-> SERVER-WEBAPP Advantech iView DeviceTreeTable directory traversal attempt
* 1:57390 <-> SERVER-WEBAPP Advantech iView DeviceTreeTable directory traversal attempt
* 1:57391 <-> SERVER-WEBAPP Advantech iView DeviceTreeTable directory traversal attempt
* 1:57406 <-> SERVER-WEBAPP Palo Alto Networks management interface command injection attempt
* 1:57407 <-> SERVER-WEBAPP Palo Alto Networks management interface command injection attempt
* 1:57408 <-> SERVER-WEBAPP Palo Alto Networks management interface command injection attempt
* 1:57409 <-> SERVER-WEBAPP Palo Alto Networks management interface command injection attempt
* 1:57412 <-> SERVER-WEBAPP Nagios XI do_update_user SQL injection attempt
* 1:57413 <-> SERVER-WEBAPP Nagios XI do_update_user SQL injection attempt
* 1:57426 <-> SERVER-WEBAPP Zend and laminas-http frameworks streamName PHP object injection attempt
* 1:57434 <-> SERVER-WEBAPP VMware vRealize Operations Manager directory traversal attempt
* 1:57435 <-> SERVER-WEBAPP VMware vRealize Operations Manager SSRF attempt
* 1:57436 <-> SERVER-WEBAPP VMware View Planner logupload directory traversal attempt
* 1:57437 <-> SERVER-WEBAPP VMware View Planner logupload directory traversal attempt
* 1:57438 <-> SERVER-WEBAPP VMware View Planner logupload arbitrary file upload attempt
* 1:57439 <-> SERVER-WEBAPP VMware View Planner logupload arbitrary file upload attempt
* 1:57442 <-> SERVER-WEBAPP Terramaster TOS command injection attempt
* 1:57443 <-> SERVER-WEBAPP Terramaster TOS command injection attempt
* 1:57444 <-> SERVER-WEBAPP Terramaster TOS command injection attempt
* 1:57445 <-> SERVER-WEBAPP Terramaster TOS command injection attempt
* 1:57449 <-> SERVER-WEBAPP F5 TMM crafted IPv6 URI buffer overflow attempt
* 1:57453 <-> SERVER-WEBAPP Pulse Connect Secure remote code execution attempt
* 1:57481 <-> SERVER-WEBAPP ManageEngine OpManager directory traversal attempt
* 1:57482 <-> SERVER-WEBAPP ManageEngine OpManager directory traversal attempt
* 1:57483 <-> SERVER-WEBAPP ManageEngine OpManager directory traversal attempt
* 1:57487 <-> SERVER-WEBAPP Microsoft Exchange MeetingHandler remote code execution attempt
* 1:57490 <-> SERVER-WEBAPP Klog Server authenticate.php user command injection attempt
* 1:57491 <-> SERVER-WEBAPP Klog Server authenticate.php user command injection attempt
* 1:57492 <-> SERVER-WEBAPP Klog Server authenticate.php user command injection attempt
* 1:57493 <-> SERVER-WEBAPP Klog Server authenticate.php user command injection attempt
* 1:57494 <-> SERVER-WEBAPP Micro Focus Operations Bridge Manager remote code execution attempt
* 1:57500 <-> SERVER-WEBAPP HPE Intelligent Management Center IccSelectDevTypeBean Expression Language Injection Java expression language injection attempt
* 1:57511 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57512 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57513 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57514 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57515 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57516 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57517 <-> SERVER-WEBAPP Serendipity index.php SQL injection attempt
* 1:57518 <-> SERVER-WEBAPP Serendipity index.php SQL injection attempt
* 1:57519 <-> SERVER-WEBAPP Serendipity index.php SQL injection attempt
* 1:57548 <-> SERVER-WEBAPP Microsoft SharePoint authenticated remote code execution attempt
* 1:57570 <-> SERVER-WEBAPP WordPRess DZS Video Gallery directory traversal attempt
* 1:57571 <-> SERVER-WEBAPP WordPRess DZS Video Gallery directory traversal attempt
* 1:57572 <-> SERVER-WEBAPP WordPRess DZS Video Gallery directory traversal attempt
* 1:57573 <-> SERVER-WEBAPP WordPress DZS Video Gallery remote file include attempt
* 1:57574 <-> SERVER-WEBAPP WordPress DZS Video Gallery remote file include attempt
* 1:57720 <-> SERVER-WEBAPP VMWare vSphere Client remote code execution attempt
* 1:57761 <-> SERVER-WEBAPP TP-Link WiFi router authenticated PingIframeRpm stack buffer overflow attempt
* 1:57762 <-> SERVER-WEBAPP TP-Link WiFi router authenticated WanStaticIpV6CfgRpm stack buffer overflow attempt
* 1:57809 <-> SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt
* 1:57810 <-> SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt
* 1:57811 <-> SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt
* 1:57812 <-> SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt
* 1:57834 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center remote code execution attempt
* 1:57841 <-> SERVER-WEBAPP Nagios Fusion command injection attempt
* 1:57856 <-> SERVER-WEBAPP Cisco ASA cross site scripting attempt
* 1:57857 <-> SERVER-WEBAPP Cisco ASA cross site scripting attempt
* 1:57860 <-> SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt
* 1:57861 <-> SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt
* 1:57862 <-> SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt
* 1:57863 <-> SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt
* 1:57872 <-> SERVER-WEBAPP Facade Ignition remote code execution attempt
* 1:57902 <-> SERVER-WEBAPP HPE Systems Insight Manager remote code execution attempt
* 1:57906 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:57907 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:57908 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:57909 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:57910 <-> SERVER-WEBAPP Microsoft SharePoint Server authenticated remote code execution attempt
* 1:57911 <-> SERVER-WEBAPP Nagios XI monitoringplugins.php command injection attempt
* 1:57912 <-> SERVER-WEBAPP ForgeRock Open Access Manager remote code execution attempt
* 1:57913 <-> SERVER-WEBAPP ForgeRock Open Access Manager remote code execution attempt
* 1:57954 <-> SERVER-WEBAPP Velocloud VMware SD-WAN Orchestrator SQL injection attempt
* 1:57983 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:58018 <-> SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt
* 1:58019 <-> SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt
* 1:58020 <-> SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt
* 1:58021 <-> SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt
* 1:58026 <-> SERVER-WEBAPP Zoho ManageEngine OpManager OPMDeviceDetailsServlet SQL injection attempt
* 1:58027 <-> SERVER-WEBAPP Zoho ManageEngine OpManager OPMDeviceDetailsServlet SQL injection attempt
* 1:58028 <-> SERVER-WEBAPP Zoho ManageEngine OpManager OPMDeviceDetailsServlet SQL injection attempt
* 1:58042 <-> SERVER-WEBAPP Serv-U FTP Server stored cross site scripting attempt
* 1:58043 <-> SERVER-WEBAPP Serv-U FTP Server stored cross site scripting attempt
* 1:58052 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58053 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58054 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58055 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58056 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58057 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58058 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58059 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58063 <-> SERVER-WEBAPP Kentico CMS unsafe deserialization remote code execution attempt
* 1:58064 <-> SERVER-WEBAPP Kentico CMS unsafe deserialization remote code execution attempt
* 1:58067 <-> SERVER-WEBAPP Apache Flink FileUploadHandler directory traversal attempt
* 1:58068 <-> SERVER-WEBAPP Apache Flink FileUploadHandler directory traversal attempt
* 1:58069 <-> SERVER-WEBAPP Apache Flink FileUploadHandler directory traversal attempt
* 1:58093 <-> SERVER-WEBAPP Atlassian Confluence OGNL injection remote code execution attempt
* 1:58094 <-> SERVER-WEBAPP Atlassian Confluence OGNL injection remote code execution attempt
* 1:58111 <-> SERVER-WEBAPP Microsoft SharePoint remote code execution attempt
* 1:58112 <-> SERVER-WEBAPP Microsoft SharePoint remote code execution attempt
* 1:58113 <-> SERVER-WEBAPP Microsoft SharePoint machinekey information disclosure attempt
* 1:58169 <-> SERVER-WEBAPP Microsoft Windows Open Management Infrastructure remote code execution attempt
* 1:58170 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt
* 1:58171 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt
* 1:58172 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt
* 1:58173 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt
* 1:58201 <-> SERVER-WEBAPP Zoho ManageEngine ADSelfService Plus RestAPI authentication bypass attempt
* 1:58217 <-> SERVER-WEBAPP VMware vCenter Server remote code execution attempt
* 1:58218 <-> SERVER-WEBAPP VMware vCenter Server file upload attempt
* 1:58219 <-> SERVER-WEBAPP VMware vCenter Server file upload attempt
* 1:58224 <-> SERVER-WEBAPP SonicWall SMA100 SQL injection attempt
* 1:58225 <-> SERVER-WEBAPP SonicWall SMA100 SQL injection attempt
* 1:58226 <-> SERVER-WEBAPP SonicWall SMA100 SQL injection attempt
* 1:58227 <-> SERVER-WEBAPP Dell EMC Virtual Appliance Manager undocumented credential use attempt
* 1:58230 <-> SERVER-WEBAPP QNAP NAS Malware Remover directory traversal attempt
* 1:58231 <-> SERVER-WEBAPP QNAP NAS Malware Remover directory traversal attempt
* 1:58232 <-> SERVER-WEBAPP QNAP NAS Malware Remover directory traversal attempt
* 1:58242 <-> SERVER-WEBAPP Sophos XG Firewall SQL injection attempt
* 1:58245 <-> SERVER-WEBAPP UDP Technology IP Camera command injection attempt
* 1:58246 <-> SERVER-WEBAPP UDP Technology IP Camera command injection attempt
* 1:58247 <-> SERVER-WEBAPP UDP Technology IP Camera command injection attempt
* 1:58248 <-> SERVER-WEBAPP UDP Technology IP Camera command injection attempt
* 1:58249 <-> SERVER-WEBAPP Microsoft Exchange server security feature bypass attempt
* 1:58260 <-> SERVER-WEBAPP AlienVault Unified Security Management SQL injection attempt
* 1:58261 <-> SERVER-WEBAPP AlienVault Unified Security Management SQL injection attempt
* 1:58262 <-> SERVER-WEBAPP AlienVault Unified Security Management SQL injection attempt
* 1:58263 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58264 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58265 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58266 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58267 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58268 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58269 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:58270 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:58271 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:58272 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:58273 <-> SERVER-WEBAPP QNAP HBS 3 authorization bypass attempt
* 1:58274 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center faultDevParasSet expression language injection attempt
* 1:58275 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center faultDevParasSet expression language injection attempt
* 1:58282 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center perfAddFormServer Java expression language injection attempt
* 1:58283 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center perfSelItemServer Java expression language injection attempt
* 1:58284 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center FileUploadServlet Unrestricted arbitrary JSP file upload attempt
* 1:58285 <-> SERVER-WEBAPP Trend Micro Control Manager ProductTree_RightWindow XML external entity injection attempt
* 1:58290 <-> SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt
* 1:58291 <-> SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt
* 1:58292 <-> SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt
* 1:58293 <-> SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt
* 1:58315 <-> SERVER-WEBAPP Microsoft SharePoint Server remote code execution attempt
* 1:58316 <-> SERVER-WEBAPP Microsoft SharePoint Server remote code execution attempt
* 1:58318 <-> SERVER-WEBAPP Microsoft SharePoint Server remote code execution attempt
* 1:58320 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formChangePass username SQL injection attempt
* 1:58321 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formChangePass username SQL injection attempt
* 1:58322 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formChangePass username SQL injection attempt
* 1:58323 <-> SERVER-WEBAPP Advantech WebAccess Node Quality ItemGroupIdAry SQL injection attempt
* 1:58324 <-> SERVER-WEBAPP Advantech WebAccess Node Quality ItemGroupIdAry SQL injection attempt
* 1:58325 <-> SERVER-WEBAPP Advantech WebAccess Node Quality ItemGroupIdAry SQL injection attempt
* 1:58326 <-> SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt
* 1:58327 <-> SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt
* 1:58328 <-> SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt
* 1:58329 <-> SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt
* 1:58330 <-> SERVER-WEBAPP Advantech WebAccess Node controlNode bnid SQL injection attempt
* 1:58331 <-> SERVER-WEBAPP Advantech WebAccess Node controlNode bnid SQL injection attempt
* 1:58332 <-> SERVER-WEBAPP Advantech WebAccess Node controlNode bnid SQL injection attempt
* 1:58333 <-> SERVER-WEBAPP Trend Micro Control Manager DeploymentPlan_Event_Handler XML external entity injection attempt
* 1:58337 <-> SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt
* 1:58338 <-> SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt
* 1:58339 <-> SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt
* 1:58340 <-> SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt
* 1:58341 <-> SERVER-WEBAPP PHPMyAdmin SearchController SQL injection attempt
* 1:58342 <-> SERVER-WEBAPP PHPMyAdmin SearchController SQL injection attempt
* 1:58343 <-> SERVER-WEBAPP PHPMyAdmin SearchController SQL injection attempt
* 1:58352 <-> SERVER-WEBAPP GE MDS PulseNET IntegrationXMLProcessorServlet UpdateProblemTickets XML external entity injection attempt
* 1:58353 <-> SERVER-WEBAPP Advantech WebAccess Node Quality_Reg ItemIdAry SQL injection attempt
* 1:58355 <-> SERVER-WEBAPP GE MDS PulseNET HealthCheck arbitrary Java object deserialization attempt
* 1:58362 <-> SERVER-WEBAPP Advantech WebAccess Node BWSCADASoap ProjectName SQL injection attempt
* 1:58375 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center iccSelectCommand expression language injection attempt
* 1:58376 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center iccSelectCommand expression language injection attempt
* 1:58377 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center eventInfo_content expression language injection attempt
* 1:58378 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center eventInfo_content expression language injection attempt
* 1:58379 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center devSoftSel Java expression language injection attempt
* 1:58380 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center devSoftSel Java expression language injection attempt
* 1:58381 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formConfiguration saveValue SQL injection attempt
* 1:58382 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formConfiguration saveValue SQL injection attempt
* 1:58383 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formConfiguration saveValue SQL injection attempt
* 1:58384 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center operationSelect Java expression language injection attempt
* 1:58385 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center operationSelect Java expression language injection attempt
* 1:58388 <-> SERVER-WEBAPP ARRIS VAP2500 config_wds command injection attempt
* 1:58396 <-> SERVER-WEBAPP Nagios XI PHP file injection attempt
* 1:58397 <-> SERVER-WEBAPP Nagios XI PHP file injection attempt
* 1:58398 <-> SERVER-WEBAPP Nagios XI PHP file injection attempt
* 1:58399 <-> SERVER-WEBAPP Nagios XI directory traversal attempt
* 1:58400 <-> SERVER-WEBAPP Nagios XI directory traversal attempt
* 1:58401 <-> SERVER-WEBAPP Nagios XI directory traversal attempt
* 1:58403 <-> SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt
* 1:58404 <-> SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt
* 1:58405 <-> SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt
* 1:58406 <-> SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt
* 1:58407 <-> SERVER-WEBAPP Nagios XI bulk modification tool SQL injection attempt
* 1:58408 <-> SERVER-WEBAPP Nagios XI bulk modification tool SQL injection attempt
* 1:58409 <-> SERVER-WEBAPP Nagios XI bulk modification tool SQL injection attempt
* 1:58410 <-> SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt
* 1:58411 <-> SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt
* 1:58412 <-> SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt
* 1:58413 <-> SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt
* 1:58418 <-> SERVER-WEBAPP ReadyDesk 9.1 OpenAttach2 directory traversal attempt
* 1:58419 <-> SERVER-WEBAPP ReadyDesk 9.1 OpenAttach2 directory traversal attempt
* 1:58420 <-> SERVER-WEBAPP ReadyDesk 9.1 OpenAttach2 directory traversal attempt
* 1:58421 <-> SERVER-WEBAPP BillQuick Web Suite SQL injection attempt
* 1:58422 <-> SERVER-WEBAPP BillQuick Web Suite SQL injection attempt
* 1:58423 <-> SERVER-WEBAPP BillQuick Web Suite SQL injection attempt
* 1:58424 <-> SERVER-WEBAPP Schneider Electric Umotion Builder Virtual Appliance Css directory traversal attempt
* 1:58425 <-> SERVER-WEBAPP Schneider Electric Umotion Builder Virtual Appliance Css directory traversal attempt
* 1:58426 <-> SERVER-WEBAPP Schneider Electric Umotion Builder Virtual Appliance Css directory traversal attempt
* 1:58427 <-> SERVER-WEBAPP Trend Micro Control Manager widget_old_SP1 dlp_policy directory traversal attempt
* 1:58428 <-> SERVER-WEBAPP Trend Micro Control Manager Widget modDLPViolationCntdrildown.php directory traversal attempt
* 1:58454 <-> SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt
* 1:58455 <-> SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt
* 1:58456 <-> SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt
* 1:58457 <-> SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt
* 1:58464 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance File Deletion directory traversal attempt
* 1:58465 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance File Deletion directory traversal attempt
* 1:58466 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance File Deletion directory traversal attempt
* 1:58467 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance directory traversal attempt
* 1:58468 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance directory traversal attempt
* 1:58469 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance directory traversal attempt
* 1:58470 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector Virtual Appliance policy_setting arbitrary PHP file upload attempt
* 1:58471 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:58472 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:58473 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:58475 <-> SERVER-WEBAPP Oracle WebLogic Server DeploymentService directory traversal attempt
* 1:58476 <-> SERVER-WEBAPP Oracle WebLogic Server DeploymentService directory traversal attempt
* 1:58487 <-> SERVER-WEBAPP WordPress Snap Creek Duplicator and Duplicator Pro plugins directory traversal attempt
* 1:58499 <-> SERVER-WEBAPP Zyxel Unified Security Gateway undocumented administrator account login attempt
* 1:58500 <-> SERVER-WEBAPP Zyxel Unified Security Gateway undocumented administrator account login attempt
* 1:58502 <-> SERVER-WEBAPP SonicWall Email Security directory traversal attempt
* 1:58503 <-> SERVER-WEBAPP SonicWall Email Security directory traversal attempt
* 1:58504 <-> SERVER-WEBAPP SonicWall Email Security directory traversal attempt
* 1:58505 <-> SERVER-WEBAPP Tenda Router command injection attempt
* 1:58506 <-> SERVER-WEBAPP Tenda Router command injection attempt
* 1:58507 <-> SERVER-WEBAPP Tenda Router command injection attempt
* 1:58508 <-> SERVER-WEBAPP Tenda Router command injection attempt
* 1:58509 <-> SERVER-WEBAPP Accellion File Transfer Appliance SQL injection attempt
* 1:58510 <-> SERVER-WEBAPP EyesOfNetwork SQL injection attempt
* 1:58511 <-> SERVER-WEBAPP EyesOfNetwork SQL injection attempt
* 1:58512 <-> SERVER-WEBAPP EyesOfNetwork SQL injection attempt
* 1:58513 <-> SERVER-WEBAPP Advantech WebAccess updateTemplate SQL injection attempt
* 1:58514 <-> SERVER-WEBAPP EyesOfNetwork autodiscovery command injection attempt
* 1:58515 <-> SERVER-WEBAPP EyesOfNetwork autodiscovery command injection attempt
* 1:58517 <-> SERVER-WEBAPP GE MDS PulseNET IntegrationXMLProcessorServlet AlarmActions XML external entity injection attempt
* 1:58521 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center perfInsListServer Java expression language injection attempt
* 1:58522 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php command injection attempt
* 1:58523 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php command injection attempt
* 1:58525 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center directory traversal attempt
* 1:58529 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58530 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58531 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58532 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58533 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58538 <-> SERVER-WEBAPP Arcadyan routers path traversal attempt
* 1:58542 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet EmailMessageDetected SQL injection attempt
* 1:58543 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet EmailMessageDetected SQL injection attempt
* 1:58544 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet EmailMessageDetected SQL injection attempt
* 1:58546 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center TopoBroadcastServlet arbitrary Java object deserialization attempt
* 1:58555 <-> SERVER-WEBAPP Hikvision webLanguage command injection vulnerability
* 1:58562 <-> SERVER-WEBAPP Oracle WebLogic Server remote code execution attempt
* 1:58563 <-> SERVER-WEBAPP GE MDS PulseNET foglight service arbitrary Java object deserialization attempt
* 1:58567 <-> SERVER-WEBAPP Roundcube Webmail file disclosure attempt
* 1:58568 <-> SERVER-WEBAPP Roundcube Webmail file disclosure attempt
* 1:58569 <-> SERVER-WEBAPP Roundcube Webmail file disclosure attempt
* 1:58576 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt
* 1:58577 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt
* 1:58578 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt
* 1:58579 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt
* 1:58588 <-> SERVER-WEBAPP SolarWinds Network Configuration Manager remote file include attempt
* 1:58589 <-> SERVER-WEBAPP SolarWinds Network Configuration Manager remote file include attempt
* 1:58592 <-> SERVER-WEBAPP SaltStack pillar_roots directory traversal attempt
* 1:58593 <-> SERVER-WEBAPP SaltStack pillar_roots directory traversal attempt
* 1:58594 <-> SERVER-WEBAPP SaltStack pillar_roots directory traversal attempt
* 1:58595 <-> SERVER-WEBAPP OpenEMR backup.php command injection attempt
* 1:58596 <-> SERVER-WEBAPP OpenEMR backup.php command injection attempt
* 1:58605 <-> SERVER-WEBAPP Citrix StoreFront Server XML external entity injection attempt
* 1:58606 <-> SERVER-WEBAPP SAP NetWeaver AS JAVA CRM log injection attempt
* 1:58607 <-> SERVER-WEBAPP SAP NetWeaver AS JAVA CRM log injection attempt
* 1:58608 <-> SERVER-WEBAPP SAP NetWeaver AS JAVA CRM log injection attempt
* 1:66336 <-> SERVER-WEBAPP FlowiseAI Flowise arbitrary code execution attempt

31200

2026-04-23 13:35:22 UTC

Snort Subscriber Rules Update

Date: 2026-04-22-001

This is the complete list of rules modified and added in the Cisco Talos Certified rule pack for Snort version 3.12.0.0.

The format of the file is:

gid:sid <-> Message

New Rules:

* 1:66354 <-> SERVER-WEBAPP WordPress SEO Plugin SQL injection attempt
* 1:66355 <-> SERVER-WEBAPP WordPress SEO Plugin SQL injection attempt
* 1:66356 <-> SERVER-WEBAPP WordPress SEO Plugin SQL injection attempt
* 1:66357 <-> SERVER-WEBAPP WordPress My Calendar Plugin SQL injection attempt
* 1:66358 <-> SERVER-WEBAPP WordPress My Calendar Plugin SQL injection attempt
* 1:66359 <-> SERVER-WEBAPP WordPress My Calendar Plugin SQL injection attempt
* 1:66360 <-> SERVER-WEBAPP WordPress WP Statistics Plugin SQL injection attempt
* 1:66361 <-> SERVER-WEBAPP WordPress WP Statistics Plugin SQL injection attempt
* 1:66362 <-> SERVER-WEBAPP WordPress WP Statistics Plugin SQL injection attempt
* 1:66363 <-> SERVER-WEBAPP WordPress Photo Gallery Plugin SQL injection attempt
* 1:66364 <-> SERVER-WEBAPP WordPress Photo Gallery Plugin SQL injection attempt
* 1:66365 <-> SERVER-WEBAPP WordPress Photo Gallery Plugin SQL injection attempt
* 1:66366 <-> SERVER-WEBAPP Arcserve UDP ASNative.dll denial of service attempt
* 1:66367 <-> SERVER-WEBAPP Kentico Xperience webshell upload attempt
* 1:66368 <-> SERVER-WEBAPP SonicWall GMS SQL injection attempt
* 1:66369 <-> SERVER-WEBAPP SonicWall GMS SQL injection attempt
* 1:66370 <-> SERVER-WEBAPP SonicWall GMS SQL injection attempt
* 1:66371 <-> SERVER-WEBAPP Netgear ProSAFE NMS300 SQL injection attempt
* 1:66372 <-> SERVER-WEBAPP Netgear ProSAFE NMS300 SQL injection attempt
* 1:66373 <-> SERVER-WEBAPP Netgear ProSAFE NMS300 SQL injection attempt
* 1:66374 <-> SERVER-WEBAPP Yawave WordPress Plugin SQL injection attempt
* 1:66375 <-> SERVER-WEBAPP Yawave WordPress Plugin SQL injection attempt
* 1:66376 <-> SERVER-WEBAPP Yawave WordPress Plugin SQL injection attempt
* 3:66377 <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2026-2379 attack attempt
* 3:66378 <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2026-2379 attack attempt
* 3:66379 <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2026-2379 attack attempt
* 3:66380 <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2026-2379 attack attempt

Modified Rules:

* 1:53688 <-> SERVER-WEBAPP Adobe Experience Manager server side request forgery attempt
* 1:53733 <-> SERVER-WEBAPP IBM Data Risk Manager directory traversal attempt
* 1:53734 <-> SERVER-WEBAPP IBM Data Risk Manager nmap scan command execution attempt
* 1:53857 <-> SERVER-WEBAPP Grandstream UCM6202 series SQL injection attempt
* 1:53858 <-> SERVER-WEBAPP Grandstream UCM6202 series SQL injection attempt
* 1:53859 <-> SERVER-WEBAPP Grandstream UCM6202 series SQL injection attempt
* 1:53860 <-> SERVER-WEBAPP Centurylink router unauthenticated administrator account disable attempt
* 1:53967 <-> SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt
* 1:53968 <-> SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt
* 1:53969 <-> SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt
* 1:53970 <-> SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt
* 1:54003 <-> SERVER-WEBAPP Axway SecureTransport XML external entity injection attempt
* 1:54012 <-> SERVER-WEBAPP ASUS ASUSWRT appGet.cgi command injection attempt
* 1:54195 <-> SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt
* 1:54196 <-> SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt
* 1:54197 <-> SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt
* 1:54198 <-> SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt
* 1:54272 <-> SERVER-WEBAPP Centreon Monitoring tool command injection attempt
* 1:54273 <-> SERVER-WEBAPP Centreon Monitoring tool command injection attempt
* 1:54405 <-> SERVER-WEBAPP PHP php_strip_tags_ex function out-of-bounds read attempt
* 1:54462 <-> SERVER-WEBAPP F5 BIG-IP Traffic Management User Interface remote code execution attempt
* 1:54484 <-> SERVER-WEBAPP F5 BIG-IP Traffic Management User Interface remote code execution attempt
* 1:54511 <-> SERVER-WEBAPP Microsoft Windows .NET API XML unsafe deserialization attempt
* 1:54556 <-> SERVER-WEBAPP BSA Radar local file inclusion attempt
* 1:54558 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54559 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54565 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54566 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54567 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54569 <-> SERVER-WEBAPP Barangay Management System SQL injection attempt
* 1:54570 <-> SERVER-WEBAPP Barangay Management System SQL injection attempt
* 1:54596 <-> SERVER-WEBAPP WordPress bbPress plugin unauthenticated privilege escalation attempt
* 1:54597 <-> SERVER-WEBAPP WordPress bbPress plugin unauthenticated privilege escalation attempt
* 1:54602 <-> SERVER-WEBAPP Laravel Framework PendingCommand arbitrary command execution attempt
* 1:54603 <-> SERVER-WEBAPP Laravel Framework PendingCommand arbitrary command execution attempt
* 1:54617 <-> SERVER-WEBAPP GeoVision Door Access Control hidden url access attempt
* 1:54629 <-> SERVER-WEBAPP Microsoft Windows .NET API XML unsafe deserialization attempt
* 1:54649 <-> SERVER-WEBAPP Apache Kylin REST API migrate command injection attempt
* 1:54650 <-> SERVER-WEBAPP Apache Kylin REST API migrate command injection attempt
* 1:54670 <-> SERVER-WEBAPP Rockwell FactoryTalk View SE project list disclosure attempt
* 1:54671 <-> SERVER-WEBAPP Rockwell FactoryTalk View SE project information disclosure attempt
* 1:54672 <-> SERVER-WEBAPP Rockwell FactoryTalk View SE remote code execution attempt
* 1:54674 <-> SERVER-WEBAPP Rockwell FactoryTalk View SE remote project copy attempt
* 1:54684 <-> SERVER-WEBAPP Microsoft Windows .NET API XML unsafe deserialization attempt
* 1:54767 <-> SERVER-WEBAPP vBulletin template rendering arbitrary PHP code execution attempt
* 1:54768 <-> SERVER-WEBAPP vBulletin template rendering arbitrary PHP code execution attempt
* 1:54794 <-> SERVER-WEBAPP Zeroshell Linux Router command injection attempt
* 1:54795 <-> SERVER-WEBAPP Zeroshell Linux Router command injection attempt
* 1:54796 <-> SERVER-WEBAPP Zeroshell Linux Router command injection attempt
* 1:54797 <-> SERVER-WEBAPP Zeroshell Linux Router command injection attempt
* 1:54824 <-> SERVER-WEBAPP Intellian Aptus Web arbitrary command execution attempt
* 1:55778 <-> SERVER-WEBAPP Wordpress File Manager plugin elFinder remote code execution attempt
* 1:55797 <-> SERVER-WEBAPP Wordpress plugin WP Database Reset database reset attempt
* 1:55823 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:55824 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:55825 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:55826 <-> SERVER-WEBAPP Microsoft Exchange Server DlpUtils remote code execution attempt
* 1:55827 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet multiple functions SQL injection attempt
* 1:55828 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet multiple functions SQL injection attempt
* 1:55829 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet multiple functions SQL injection attempt
* 1:55834 <-> SERVER-WEBAPP Wordpress Nexos theme cross site scripting attempt
* 1:55835 <-> SERVER-WEBAPP Wordpress Nexos theme cross site scripting attempt
* 1:55836 <-> SERVER-WEBAPP Wordpress Nexos theme SQL injection attempt
* 1:55837 <-> SERVER-WEBAPP Wordpress Nexos theme SQL injection attempt
* 1:55838 <-> SERVER-WEBAPP Wordpress Nexos theme SQL injection attempt
* 1:55839 <-> SERVER-WEBAPP Multiple products DVR admin password leak attempt
* 1:55918 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:55919 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:55920 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:55921 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:55981 <-> SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 command injection attempt
* 1:56005 <-> SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 SQL injection attempt
* 1:56006 <-> SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 SQL injection attempt
* 1:56007 <-> SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 SQL injection attempt
* 1:56082 <-> SERVER-WEBAPP Wordpress WP Database Backup plug-in command injection attempt
* 1:56083 <-> SERVER-WEBAPP Wordpress WP Database Backup plug-in command injection attempt
* 1:56135 <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt
* 1:56136 <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt
* 1:56138 <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt
* 1:56154 <-> SERVER-WEBAPP MobileIron Core & Connector remote code execution attempt
* 1:56155 <-> SERVER-WEBAPP MobileIron Core & Connector remote code execution attempt
* 1:56162 <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt
* 1:56200 <-> SERVER-WEBAPP Oracle WebLogic Server command injection attempt
* 1:56201 <-> SERVER-WEBAPP Oracle WebLogic Server command injection attempt
* 1:56202 <-> SERVER-WEBAPP Oracle WebLogic Server command injection attempt
* 1:56203 <-> SERVER-WEBAPP Oracle WebLogic Server command injection attempt
* 1:56304 <-> SERVER-WEBAPP Microsoft SharePoint remote code execution attempt
* 1:56305 <-> SERVER-WEBAPP Microsoft SharePoint remote code execution attempt
* 1:56404 <-> SERVER-WEBAPP Cisco Security Manager XmpFileUploadServlet arbitrary JSP file upload attempt
* 1:56405 <-> SERVER-WEBAPP Cisco Security Manager XmpFileUploadServlet directory traversal attempt
* 1:56414 <-> SERVER-WEBAPP Cisco Security Manager XmpFileDownloadServlet directory traversal attempt
* 1:56415 <-> SERVER-WEBAPP Cisco Security Manager XmpFileDownloadServlet directory traversal attempt
* 1:56416 <-> SERVER-WEBAPP Cisco Security Manager XmpFileDownloadServlet directory traversal attempt
* 1:56417 <-> SERVER-WEBAPP Cisco Security Manager SampleFileDownloadServlet directory traversal attempt
* 1:56418 <-> SERVER-WEBAPP Cisco Security Manager SampleFileDownloadServlet directory traversal attempt
* 1:56419 <-> SERVER-WEBAPP Cisco Security Manager SampleFileDownloadServlet directory traversal attempt
* 1:56420 <-> SERVER-WEBAPP Cisco Security Manager resultsFrame directory traversal attempt
* 1:56421 <-> SERVER-WEBAPP Cisco Security Manager resultsFrame directory traversal attempt
* 1:56422 <-> SERVER-WEBAPP Cisco Security Manager resultsFrame directory traversal attempt
* 1:56423 <-> SERVER-WEBAPP Cisco Security Manager xdmProxy directory traversal attempt
* 1:56432 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:56433 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:56434 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:56435 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:56497 <-> SERVER-WEBAPP Multiple Products Java Faces ViewState deserialization remote code execution attempt
* 1:56519 <-> SERVER-WEBAPP WordPress plugin Autoptimize arbitrary PHP file upload attempt
* 1:56520 <-> SERVER-WEBAPP QNAP QTS and Photo Station directory traversal attempt
* 1:56521 <-> SERVER-WEBAPP QNAP QTS and Photo Station directory traversal attempt
* 1:56522 <-> SERVER-WEBAPP QNAP QTS and Photo Station directory traversal attempt
* 1:56523 <-> SERVER-WEBAPP Joomla Core Featured Article SQL injection attempt
* 1:56524 <-> SERVER-WEBAPP Joomla Core Featured Article SQL injection attempt
* 1:56525 <-> SERVER-WEBAPP Joomla Core Featured Article SQL injection attempt
* 1:56532 <-> SERVER-WEBAPP Advantech WebAccess NMS directory traversal attempt
* 1:56533 <-> SERVER-WEBAPP Advantech WebAccess NMS directory traversal attempt
* 1:56534 <-> SERVER-WEBAPP Advantech WebAccess NMS directory traversal attempt
* 1:56545 <-> SERVER-WEBAPP rConfig commands.inc.php SQL injection attempt
* 1:56550 <-> SERVER-WEBAPP Ruckus IoT Controller Web UI authentication bypass attempt
* 1:56551 <-> SERVER-WEBAPP  Ruckus IoT Controller Web UI OS username command injection attempt
* 1:56557 <-> SERVER-WEBAPP Microsoft Dynamics365 Finance and Operations remote code execution attempt
* 1:56558 <-> SERVER-WEBAPP Microsoft Dynamics365 Finance and Operations remote code execution attempt
* 1:56586 <-> SERVER-WEBAPP Zoho ManageEngine ServiceDesk Plus arbitrary JSP file upload attempt
* 1:56604 <-> SERVER-WEBAPP Microsoft Dynamics NAV remote code execution attempt
* 1:56624 <-> SERVER-WEBAPP rConfig command injection attempt
* 1:56625 <-> SERVER-WEBAPP rConfig command injection attempt
* 1:56626 <-> SERVER-WEBAPP rConfig command injection attempt
* 1:56627 <-> SERVER-WEBAPP rConfig command injection attempt
* 1:56799 <-> SERVER-WEBAPP Liferay arbitrary Java object deserialization attempt
* 1:56800 <-> SERVER-WEBAPP Liferay arbitrary Java object deserialization attempt
* 1:56823 <-> SERVER-WEBAPP Citrix CakePHP command injection attempt
* 1:56824 <-> SERVER-WEBAPP Citrix CakePHP command injection attempt
* 1:56826 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56827 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56828 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56829 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56830 <-> SERVER-WEBAPP WordPress Adning Advertising plugin arbitrary PHP file upload attempt
* 1:56831 <-> SERVER-WEBAPP WordPress Adning Advertising plugin arbitrary PHP file upload attempt
* 1:56877 <-> SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt
* 1:56878 <-> SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt
* 1:56879 <-> SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt
* 1:56880 <-> SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt
* 1:56916 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56917 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56934 <-> SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt
* 1:56935 <-> SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt
* 1:56936 <-> SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt
* 1:56937 <-> SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt
* 1:56990 <-> SERVER-WEBAPP Apache Unomi OGNL MVEL2 remote command execution attempt
* 1:57002 <-> SERVER-WEBAPP Belkin Wemo UPnP cross site scripting attempt
* 1:57048 <-> SERVER-WEBAPP SaltStack Salt API SSH Client command injection attempt
* 1:57049 <-> SERVER-WEBAPP SaltStack Salt API SSH Client command injection attempt
* 1:57072 <-> SERVER-WEBAPP Cisco RV Series Routers directory traversal attempt
* 1:57074 <-> SERVER-WEBAPP Cisco RV Series Routers directory traversal attempt
* 1:57075 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57076 <-> SERVER-WEBAPP Cisco RV Series Routers command injection attempt
* 1:57078 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57079 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57080 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57081 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57082 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57084 <-> SERVER-WEBAPP Cisco RV series routers command injection attempt
* 1:57085 <-> SERVER-WEBAPP Cisco RV series routers command injection attempt
* 1:57086 <-> SERVER-WEBAPP Cisco RV Series routers command injection attempt
* 1:57088 <-> SERVER-WEBAPP Cisco Small Business RV Series routers command injection attempt
* 1:57089 <-> SERVER-WEBAPP Cisco Small Business RV Series routers command injection attempt
* 1:57095 <-> SERVER-WEBAPP Cisco RV Series routers command injection attempt
* 1:57096 <-> SERVER-WEBAPP Cisco RV Series routers command injection attempt
* 1:57098 <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt
* 1:57099 <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt
* 1:57100 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57101 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57102 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57105 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57109 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57110 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57113 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57114 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57126 <-> SERVER-WEBAPP Monstra CMS cross-site scripting attempt
* 1:57127 <-> SERVER-WEBAPP Monstra CMS cross-site scripting attempt
* 1:57158 <-> SERVER-WEBAPP Oracle WebLogic consolejndi remote code execution attempt
* 1:57159 <-> SERVER-WEBAPP Oracle WebLogic consolejndi remote code execution attempt
* 1:57176 <-> SERVER-WEBAPP MikroTik RouterOS buffer overflow attempt
* 1:57177 <-> SERVER-WEBAPP MikroTik RouterOS buffer overflow attempt
* 1:57178 <-> SERVER-WEBAPP Monstra CMS registration form cross site scripting attempt
* 1:57179 <-> SERVER-WEBAPP Monstra CMS registration form cross site scripting attempt
* 1:57182 <-> SERVER-WEBAPP VMware administrative configurator component command injection attempt
* 1:57183 <-> SERVER-WEBAPP VMware administrative configurator component command injection attempt
* 1:57184 <-> SERVER-WEBAPP VMware administrative configurator component command injection attempt
* 1:57185 <-> SERVER-WEBAPP VMware administrative configurator component command injection attempt
* 1:57188 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center arbitrary Java object deserialization attempt
* 1:57224 <-> SERVER-WEBAPP Trend Micro Control Manager directory traversal attempt
* 1:57225 <-> SERVER-WEBAPP Trend Micro Control Manager directory traversal attempt
* 1:57226 <-> SERVER-WEBAPP Trend Micro Control Manager directory traversal attempt
* 1:57229 <-> SERVER-WEBAPP VMware vSphere Client vROPs plugin remote code execution attempt
* 1:57241 <-> SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt
* 1:57242 <-> SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt
* 1:57243 <-> SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt
* 1:57244 <-> SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt
* 1:57245 <-> SERVER-WEBAPP Microsoft Exchange Server arbitrary file write attempt
* 1:57246 <-> SERVER-WEBAPP Microsoft Exchange Server arbitrary file write attempt
* 1:57275 <-> SERVER-WEBAPP ysoserial TypeConfuseDelegate deserialization exploit attempt
* 1:57276 <-> SERVER-WEBAPP Microsoft SharePoint potential deserialization attempt
* 1:57283 <-> SERVER-WEBAPP Liferay arbitrary Java object deserialization attempt
* 1:57298 <-> SERVER-WEBAPP F5 iControl REST interface command injection attempt
* 1:57324 <-> SERVER-WEBAPP Netis WF2419 router command injection attempt
* 1:57325 <-> SERVER-WEBAPP Netis WF2419 router command injection attempt
* 1:57326 <-> SERVER-WEBAPP Netis WF2419 router command injection attempt
* 1:57327 <-> SERVER-WEBAPP Netis WF2419 router command injection attempt
* 1:57328 <-> SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt
* 1:57329 <-> SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt
* 1:57330 <-> SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt
* 1:57331 <-> SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt
* 1:57332 <-> SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt
* 1:57333 <-> SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt
* 1:57334 <-> SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt
* 1:57335 <-> SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt
* 1:57337 <-> SERVER-WEBAPP F5 iControl REST interface ssrf attempt
* 1:57389 <-> SERVER-WEBAPP Advantech iView DeviceTreeTable directory traversal attempt
* 1:57390 <-> SERVER-WEBAPP Advantech iView DeviceTreeTable directory traversal attempt
* 1:57391 <-> SERVER-WEBAPP Advantech iView DeviceTreeTable directory traversal attempt
* 1:57406 <-> SERVER-WEBAPP Palo Alto Networks management interface command injection attempt
* 1:57407 <-> SERVER-WEBAPP Palo Alto Networks management interface command injection attempt
* 1:57408 <-> SERVER-WEBAPP Palo Alto Networks management interface command injection attempt
* 1:57409 <-> SERVER-WEBAPP Palo Alto Networks management interface command injection attempt
* 1:57412 <-> SERVER-WEBAPP Nagios XI do_update_user SQL injection attempt
* 1:57413 <-> SERVER-WEBAPP Nagios XI do_update_user SQL injection attempt
* 1:57426 <-> SERVER-WEBAPP Zend and laminas-http frameworks streamName PHP object injection attempt
* 1:57434 <-> SERVER-WEBAPP VMware vRealize Operations Manager directory traversal attempt
* 1:57435 <-> SERVER-WEBAPP VMware vRealize Operations Manager SSRF attempt
* 1:57436 <-> SERVER-WEBAPP VMware View Planner logupload directory traversal attempt
* 1:57437 <-> SERVER-WEBAPP VMware View Planner logupload directory traversal attempt
* 1:57438 <-> SERVER-WEBAPP VMware View Planner logupload arbitrary file upload attempt
* 1:57439 <-> SERVER-WEBAPP VMware View Planner logupload arbitrary file upload attempt
* 1:57442 <-> SERVER-WEBAPP Terramaster TOS command injection attempt
* 1:57443 <-> SERVER-WEBAPP Terramaster TOS command injection attempt
* 1:57444 <-> SERVER-WEBAPP Terramaster TOS command injection attempt
* 1:57445 <-> SERVER-WEBAPP Terramaster TOS command injection attempt
* 1:57449 <-> SERVER-WEBAPP F5 TMM crafted IPv6 URI buffer overflow attempt
* 1:57453 <-> SERVER-WEBAPP Pulse Connect Secure remote code execution attempt
* 1:57481 <-> SERVER-WEBAPP ManageEngine OpManager directory traversal attempt
* 1:57482 <-> SERVER-WEBAPP ManageEngine OpManager directory traversal attempt
* 1:57483 <-> SERVER-WEBAPP ManageEngine OpManager directory traversal attempt
* 1:57487 <-> SERVER-WEBAPP Microsoft Exchange MeetingHandler remote code execution attempt
* 1:57490 <-> SERVER-WEBAPP Klog Server authenticate.php user command injection attempt
* 1:57491 <-> SERVER-WEBAPP Klog Server authenticate.php user command injection attempt
* 1:57492 <-> SERVER-WEBAPP Klog Server authenticate.php user command injection attempt
* 1:57493 <-> SERVER-WEBAPP Klog Server authenticate.php user command injection attempt
* 1:57494 <-> SERVER-WEBAPP Micro Focus Operations Bridge Manager remote code execution attempt
* 1:57500 <-> SERVER-WEBAPP HPE Intelligent Management Center IccSelectDevTypeBean Expression Language Injection Java expression language injection attempt
* 1:57511 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57512 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57513 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57514 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57515 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57516 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57517 <-> SERVER-WEBAPP Serendipity index.php SQL injection attempt
* 1:57518 <-> SERVER-WEBAPP Serendipity index.php SQL injection attempt
* 1:57519 <-> SERVER-WEBAPP Serendipity index.php SQL injection attempt
* 1:57548 <-> SERVER-WEBAPP Microsoft SharePoint authenticated remote code execution attempt
* 1:57570 <-> SERVER-WEBAPP WordPRess DZS Video Gallery directory traversal attempt
* 1:57571 <-> SERVER-WEBAPP WordPRess DZS Video Gallery directory traversal attempt
* 1:57572 <-> SERVER-WEBAPP WordPRess DZS Video Gallery directory traversal attempt
* 1:57573 <-> SERVER-WEBAPP WordPress DZS Video Gallery remote file include attempt
* 1:57574 <-> SERVER-WEBAPP WordPress DZS Video Gallery remote file include attempt
* 1:57720 <-> SERVER-WEBAPP VMWare vSphere Client remote code execution attempt
* 1:57761 <-> SERVER-WEBAPP TP-Link WiFi router authenticated PingIframeRpm stack buffer overflow attempt
* 1:57762 <-> SERVER-WEBAPP TP-Link WiFi router authenticated WanStaticIpV6CfgRpm stack buffer overflow attempt
* 1:57809 <-> SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt
* 1:57810 <-> SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt
* 1:57811 <-> SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt
* 1:57812 <-> SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt
* 1:57834 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center remote code execution attempt
* 1:57841 <-> SERVER-WEBAPP Nagios Fusion command injection attempt
* 1:57856 <-> SERVER-WEBAPP Cisco ASA cross site scripting attempt
* 1:57857 <-> SERVER-WEBAPP Cisco ASA cross site scripting attempt
* 1:57860 <-> SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt
* 1:57861 <-> SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt
* 1:57862 <-> SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt
* 1:57863 <-> SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt
* 1:57872 <-> SERVER-WEBAPP Facade Ignition remote code execution attempt
* 1:57902 <-> SERVER-WEBAPP HPE Systems Insight Manager remote code execution attempt
* 1:57906 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:57907 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:57908 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:57909 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:57910 <-> SERVER-WEBAPP Microsoft SharePoint Server authenticated remote code execution attempt
* 1:57911 <-> SERVER-WEBAPP Nagios XI monitoringplugins.php command injection attempt
* 1:57912 <-> SERVER-WEBAPP ForgeRock Open Access Manager remote code execution attempt
* 1:57913 <-> SERVER-WEBAPP ForgeRock Open Access Manager remote code execution attempt
* 1:57954 <-> SERVER-WEBAPP Velocloud VMware SD-WAN Orchestrator SQL injection attempt
* 1:57983 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:58018 <-> SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt
* 1:58019 <-> SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt
* 1:58020 <-> SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt
* 1:58021 <-> SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt
* 1:58026 <-> SERVER-WEBAPP Zoho ManageEngine OpManager OPMDeviceDetailsServlet SQL injection attempt
* 1:58027 <-> SERVER-WEBAPP Zoho ManageEngine OpManager OPMDeviceDetailsServlet SQL injection attempt
* 1:58028 <-> SERVER-WEBAPP Zoho ManageEngine OpManager OPMDeviceDetailsServlet SQL injection attempt
* 1:58042 <-> SERVER-WEBAPP Serv-U FTP Server stored cross site scripting attempt
* 1:58043 <-> SERVER-WEBAPP Serv-U FTP Server stored cross site scripting attempt
* 1:58052 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58053 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58054 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58055 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58056 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58057 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58058 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58059 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58063 <-> SERVER-WEBAPP Kentico CMS unsafe deserialization remote code execution attempt
* 1:58064 <-> SERVER-WEBAPP Kentico CMS unsafe deserialization remote code execution attempt
* 1:58067 <-> SERVER-WEBAPP Apache Flink FileUploadHandler directory traversal attempt
* 1:58068 <-> SERVER-WEBAPP Apache Flink FileUploadHandler directory traversal attempt
* 1:58069 <-> SERVER-WEBAPP Apache Flink FileUploadHandler directory traversal attempt
* 1:58093 <-> SERVER-WEBAPP Atlassian Confluence OGNL injection remote code execution attempt
* 1:58094 <-> SERVER-WEBAPP Atlassian Confluence OGNL injection remote code execution attempt
* 1:58111 <-> SERVER-WEBAPP Microsoft SharePoint remote code execution attempt
* 1:58112 <-> SERVER-WEBAPP Microsoft SharePoint remote code execution attempt
* 1:58113 <-> SERVER-WEBAPP Microsoft SharePoint machinekey information disclosure attempt
* 1:58169 <-> SERVER-WEBAPP Microsoft Windows Open Management Infrastructure remote code execution attempt
* 1:58170 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt
* 1:58171 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt
* 1:58172 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt
* 1:58173 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt
* 1:58201 <-> SERVER-WEBAPP Zoho ManageEngine ADSelfService Plus RestAPI authentication bypass attempt
* 1:58217 <-> SERVER-WEBAPP VMware vCenter Server remote code execution attempt
* 1:58218 <-> SERVER-WEBAPP VMware vCenter Server file upload attempt
* 1:58219 <-> SERVER-WEBAPP VMware vCenter Server file upload attempt
* 1:58224 <-> SERVER-WEBAPP SonicWall SMA100 SQL injection attempt
* 1:58225 <-> SERVER-WEBAPP SonicWall SMA100 SQL injection attempt
* 1:58226 <-> SERVER-WEBAPP SonicWall SMA100 SQL injection attempt
* 1:58227 <-> SERVER-WEBAPP Dell EMC Virtual Appliance Manager undocumented credential use attempt
* 1:58230 <-> SERVER-WEBAPP QNAP NAS Malware Remover directory traversal attempt
* 1:58231 <-> SERVER-WEBAPP QNAP NAS Malware Remover directory traversal attempt
* 1:58232 <-> SERVER-WEBAPP QNAP NAS Malware Remover directory traversal attempt
* 1:58242 <-> SERVER-WEBAPP Sophos XG Firewall SQL injection attempt
* 1:58245 <-> SERVER-WEBAPP UDP Technology IP Camera command injection attempt
* 1:58246 <-> SERVER-WEBAPP UDP Technology IP Camera command injection attempt
* 1:58247 <-> SERVER-WEBAPP UDP Technology IP Camera command injection attempt
* 1:58248 <-> SERVER-WEBAPP UDP Technology IP Camera command injection attempt
* 1:58249 <-> SERVER-WEBAPP Microsoft Exchange server security feature bypass attempt
* 1:58260 <-> SERVER-WEBAPP AlienVault Unified Security Management SQL injection attempt
* 1:58261 <-> SERVER-WEBAPP AlienVault Unified Security Management SQL injection attempt
* 1:58262 <-> SERVER-WEBAPP AlienVault Unified Security Management SQL injection attempt
* 1:58263 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58264 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58265 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58266 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58267 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58268 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58269 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:58270 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:58271 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:58272 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:58273 <-> SERVER-WEBAPP QNAP HBS 3 authorization bypass attempt
* 1:58274 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center faultDevParasSet expression language injection attempt
* 1:58275 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center faultDevParasSet expression language injection attempt
* 1:58282 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center perfAddFormServer Java expression language injection attempt
* 1:58283 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center perfSelItemServer Java expression language injection attempt
* 1:58284 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center FileUploadServlet Unrestricted arbitrary JSP file upload attempt
* 1:58285 <-> SERVER-WEBAPP Trend Micro Control Manager ProductTree_RightWindow XML external entity injection attempt
* 1:58290 <-> SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt
* 1:58291 <-> SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt
* 1:58292 <-> SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt
* 1:58293 <-> SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt
* 1:58315 <-> SERVER-WEBAPP Microsoft SharePoint Server remote code execution attempt
* 1:58316 <-> SERVER-WEBAPP Microsoft SharePoint Server remote code execution attempt
* 1:58318 <-> SERVER-WEBAPP Microsoft SharePoint Server remote code execution attempt
* 1:58320 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formChangePass username SQL injection attempt
* 1:58321 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formChangePass username SQL injection attempt
* 1:58322 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formChangePass username SQL injection attempt
* 1:58323 <-> SERVER-WEBAPP Advantech WebAccess Node Quality ItemGroupIdAry SQL injection attempt
* 1:58324 <-> SERVER-WEBAPP Advantech WebAccess Node Quality ItemGroupIdAry SQL injection attempt
* 1:58325 <-> SERVER-WEBAPP Advantech WebAccess Node Quality ItemGroupIdAry SQL injection attempt
* 1:58326 <-> SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt
* 1:58327 <-> SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt
* 1:58328 <-> SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt
* 1:58329 <-> SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt
* 1:58330 <-> SERVER-WEBAPP Advantech WebAccess Node controlNode bnid SQL injection attempt
* 1:58331 <-> SERVER-WEBAPP Advantech WebAccess Node controlNode bnid SQL injection attempt
* 1:58332 <-> SERVER-WEBAPP Advantech WebAccess Node controlNode bnid SQL injection attempt
* 1:58333 <-> SERVER-WEBAPP Trend Micro Control Manager DeploymentPlan_Event_Handler XML external entity injection attempt
* 1:58337 <-> SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt
* 1:58338 <-> SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt
* 1:58339 <-> SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt
* 1:58340 <-> SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt
* 1:58341 <-> SERVER-WEBAPP PHPMyAdmin SearchController SQL injection attempt
* 1:58342 <-> SERVER-WEBAPP PHPMyAdmin SearchController SQL injection attempt
* 1:58343 <-> SERVER-WEBAPP PHPMyAdmin SearchController SQL injection attempt
* 1:58352 <-> SERVER-WEBAPP GE MDS PulseNET IntegrationXMLProcessorServlet UpdateProblemTickets XML external entity injection attempt
* 1:58353 <-> SERVER-WEBAPP Advantech WebAccess Node Quality_Reg ItemIdAry SQL injection attempt
* 1:58355 <-> SERVER-WEBAPP GE MDS PulseNET HealthCheck arbitrary Java object deserialization attempt
* 1:58362 <-> SERVER-WEBAPP Advantech WebAccess Node BWSCADASoap ProjectName SQL injection attempt
* 1:58375 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center iccSelectCommand expression language injection attempt
* 1:58376 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center iccSelectCommand expression language injection attempt
* 1:58377 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center eventInfo_content expression language injection attempt
* 1:58378 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center eventInfo_content expression language injection attempt
* 1:58379 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center devSoftSel Java expression language injection attempt
* 1:58380 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center devSoftSel Java expression language injection attempt
* 1:58381 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formConfiguration saveValue SQL injection attempt
* 1:58382 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formConfiguration saveValue SQL injection attempt
* 1:58383 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formConfiguration saveValue SQL injection attempt
* 1:58384 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center operationSelect Java expression language injection attempt
* 1:58385 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center operationSelect Java expression language injection attempt
* 1:58388 <-> SERVER-WEBAPP ARRIS VAP2500 config_wds command injection attempt
* 1:58396 <-> SERVER-WEBAPP Nagios XI PHP file injection attempt
* 1:58397 <-> SERVER-WEBAPP Nagios XI PHP file injection attempt
* 1:58398 <-> SERVER-WEBAPP Nagios XI PHP file injection attempt
* 1:58399 <-> SERVER-WEBAPP Nagios XI directory traversal attempt
* 1:58400 <-> SERVER-WEBAPP Nagios XI directory traversal attempt
* 1:58401 <-> SERVER-WEBAPP Nagios XI directory traversal attempt
* 1:58403 <-> SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt
* 1:58404 <-> SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt
* 1:58405 <-> SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt
* 1:58406 <-> SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt
* 1:58407 <-> SERVER-WEBAPP Nagios XI bulk modification tool SQL injection attempt
* 1:58408 <-> SERVER-WEBAPP Nagios XI bulk modification tool SQL injection attempt
* 1:58409 <-> SERVER-WEBAPP Nagios XI bulk modification tool SQL injection attempt
* 1:58410 <-> SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt
* 1:58411 <-> SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt
* 1:58412 <-> SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt
* 1:58413 <-> SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt
* 1:58418 <-> SERVER-WEBAPP ReadyDesk 9.1 OpenAttach2 directory traversal attempt
* 1:58419 <-> SERVER-WEBAPP ReadyDesk 9.1 OpenAttach2 directory traversal attempt
* 1:58420 <-> SERVER-WEBAPP ReadyDesk 9.1 OpenAttach2 directory traversal attempt
* 1:58421 <-> SERVER-WEBAPP BillQuick Web Suite SQL injection attempt
* 1:58422 <-> SERVER-WEBAPP BillQuick Web Suite SQL injection attempt
* 1:58423 <-> SERVER-WEBAPP BillQuick Web Suite SQL injection attempt
* 1:58424 <-> SERVER-WEBAPP Schneider Electric Umotion Builder Virtual Appliance Css directory traversal attempt
* 1:58425 <-> SERVER-WEBAPP Schneider Electric Umotion Builder Virtual Appliance Css directory traversal attempt
* 1:58426 <-> SERVER-WEBAPP Schneider Electric Umotion Builder Virtual Appliance Css directory traversal attempt
* 1:58427 <-> SERVER-WEBAPP Trend Micro Control Manager widget_old_SP1 dlp_policy directory traversal attempt
* 1:58428 <-> SERVER-WEBAPP Trend Micro Control Manager Widget modDLPViolationCntdrildown.php directory traversal attempt
* 1:58454 <-> SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt
* 1:58455 <-> SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt
* 1:58456 <-> SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt
* 1:58457 <-> SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt
* 1:58464 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance File Deletion directory traversal attempt
* 1:58465 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance File Deletion directory traversal attempt
* 1:58466 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance File Deletion directory traversal attempt
* 1:58467 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance directory traversal attempt
* 1:58468 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance directory traversal attempt
* 1:58469 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance directory traversal attempt
* 1:58470 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector Virtual Appliance policy_setting arbitrary PHP file upload attempt
* 1:58471 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:58472 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:58473 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:58475 <-> SERVER-WEBAPP Oracle WebLogic Server DeploymentService directory traversal attempt
* 1:58476 <-> SERVER-WEBAPP Oracle WebLogic Server DeploymentService directory traversal attempt
* 1:58487 <-> SERVER-WEBAPP WordPress Snap Creek Duplicator and Duplicator Pro plugins directory traversal attempt
* 1:58499 <-> SERVER-WEBAPP Zyxel Unified Security Gateway undocumented administrator account login attempt
* 1:58500 <-> SERVER-WEBAPP Zyxel Unified Security Gateway undocumented administrator account login attempt
* 1:58502 <-> SERVER-WEBAPP SonicWall Email Security directory traversal attempt
* 1:58503 <-> SERVER-WEBAPP SonicWall Email Security directory traversal attempt
* 1:58504 <-> SERVER-WEBAPP SonicWall Email Security directory traversal attempt
* 1:58505 <-> SERVER-WEBAPP Tenda Router command injection attempt
* 1:58506 <-> SERVER-WEBAPP Tenda Router command injection attempt
* 1:58507 <-> SERVER-WEBAPP Tenda Router command injection attempt
* 1:58508 <-> SERVER-WEBAPP Tenda Router command injection attempt
* 1:58509 <-> SERVER-WEBAPP Accellion File Transfer Appliance SQL injection attempt
* 1:58510 <-> SERVER-WEBAPP EyesOfNetwork SQL injection attempt
* 1:58511 <-> SERVER-WEBAPP EyesOfNetwork SQL injection attempt
* 1:58512 <-> SERVER-WEBAPP EyesOfNetwork SQL injection attempt
* 1:58513 <-> SERVER-WEBAPP Advantech WebAccess updateTemplate SQL injection attempt
* 1:58514 <-> SERVER-WEBAPP EyesOfNetwork autodiscovery command injection attempt
* 1:58515 <-> SERVER-WEBAPP EyesOfNetwork autodiscovery command injection attempt
* 1:58517 <-> SERVER-WEBAPP GE MDS PulseNET IntegrationXMLProcessorServlet AlarmActions XML external entity injection attempt
* 1:58521 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center perfInsListServer Java expression language injection attempt
* 1:58522 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php command injection attempt
* 1:58523 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php command injection attempt
* 1:58525 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center directory traversal attempt
* 1:58529 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58530 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58531 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58532 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58533 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58538 <-> SERVER-WEBAPP Arcadyan routers path traversal attempt
* 1:58542 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet EmailMessageDetected SQL injection attempt
* 1:58543 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet EmailMessageDetected SQL injection attempt
* 1:58544 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet EmailMessageDetected SQL injection attempt
* 1:58546 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center TopoBroadcastServlet arbitrary Java object deserialization attempt
* 1:58555 <-> SERVER-WEBAPP Hikvision webLanguage command injection vulnerability
* 1:58562 <-> SERVER-WEBAPP Oracle WebLogic Server remote code execution attempt
* 1:58563 <-> SERVER-WEBAPP GE MDS PulseNET foglight service arbitrary Java object deserialization attempt
* 1:58567 <-> SERVER-WEBAPP Roundcube Webmail file disclosure attempt
* 1:58568 <-> SERVER-WEBAPP Roundcube Webmail file disclosure attempt
* 1:58569 <-> SERVER-WEBAPP Roundcube Webmail file disclosure attempt
* 1:58576 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt
* 1:58577 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt
* 1:58578 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt
* 1:58579 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt
* 1:58588 <-> SERVER-WEBAPP SolarWinds Network Configuration Manager remote file include attempt
* 1:58589 <-> SERVER-WEBAPP SolarWinds Network Configuration Manager remote file include attempt
* 1:58592 <-> SERVER-WEBAPP SaltStack pillar_roots directory traversal attempt
* 1:58593 <-> SERVER-WEBAPP SaltStack pillar_roots directory traversal attempt
* 1:58594 <-> SERVER-WEBAPP SaltStack pillar_roots directory traversal attempt
* 1:58595 <-> SERVER-WEBAPP OpenEMR backup.php command injection attempt
* 1:58596 <-> SERVER-WEBAPP OpenEMR backup.php command injection attempt
* 1:58605 <-> SERVER-WEBAPP Citrix StoreFront Server XML external entity injection attempt
* 1:58606 <-> SERVER-WEBAPP SAP NetWeaver AS JAVA CRM log injection attempt
* 1:58607 <-> SERVER-WEBAPP SAP NetWeaver AS JAVA CRM log injection attempt
* 1:58608 <-> SERVER-WEBAPP SAP NetWeaver AS JAVA CRM log injection attempt
* 1:66336 <-> SERVER-WEBAPP FlowiseAI Flowise arbitrary code execution attempt

31210

2026-04-23 13:35:22 UTC

Snort Subscriber Rules Update

Date: 2026-04-22-001

This is the complete list of rules modified and added in the Cisco Talos Certified rule pack for Snort version 3.1.21.0.

The format of the file is:

gid:sid <-> Message

New Rules:

* 1:66354 <-> SERVER-WEBAPP WordPress SEO Plugin SQL injection attempt
* 1:66355 <-> SERVER-WEBAPP WordPress SEO Plugin SQL injection attempt
* 1:66356 <-> SERVER-WEBAPP WordPress SEO Plugin SQL injection attempt
* 1:66357 <-> SERVER-WEBAPP WordPress My Calendar Plugin SQL injection attempt
* 1:66358 <-> SERVER-WEBAPP WordPress My Calendar Plugin SQL injection attempt
* 1:66359 <-> SERVER-WEBAPP WordPress My Calendar Plugin SQL injection attempt
* 1:66360 <-> SERVER-WEBAPP WordPress WP Statistics Plugin SQL injection attempt
* 1:66361 <-> SERVER-WEBAPP WordPress WP Statistics Plugin SQL injection attempt
* 1:66362 <-> SERVER-WEBAPP WordPress WP Statistics Plugin SQL injection attempt
* 1:66363 <-> SERVER-WEBAPP WordPress Photo Gallery Plugin SQL injection attempt
* 1:66364 <-> SERVER-WEBAPP WordPress Photo Gallery Plugin SQL injection attempt
* 1:66365 <-> SERVER-WEBAPP WordPress Photo Gallery Plugin SQL injection attempt
* 1:66366 <-> SERVER-WEBAPP Arcserve UDP ASNative.dll denial of service attempt
* 1:66367 <-> SERVER-WEBAPP Kentico Xperience webshell upload attempt
* 1:66368 <-> SERVER-WEBAPP SonicWall GMS SQL injection attempt
* 1:66369 <-> SERVER-WEBAPP SonicWall GMS SQL injection attempt
* 1:66370 <-> SERVER-WEBAPP SonicWall GMS SQL injection attempt
* 1:66371 <-> SERVER-WEBAPP Netgear ProSAFE NMS300 SQL injection attempt
* 1:66372 <-> SERVER-WEBAPP Netgear ProSAFE NMS300 SQL injection attempt
* 1:66373 <-> SERVER-WEBAPP Netgear ProSAFE NMS300 SQL injection attempt
* 1:66374 <-> SERVER-WEBAPP Yawave WordPress Plugin SQL injection attempt
* 1:66375 <-> SERVER-WEBAPP Yawave WordPress Plugin SQL injection attempt
* 1:66376 <-> SERVER-WEBAPP Yawave WordPress Plugin SQL injection attempt
* 3:66377 <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2026-2379 attack attempt
* 3:66378 <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2026-2379 attack attempt
* 3:66379 <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2026-2379 attack attempt
* 3:66380 <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2026-2379 attack attempt

Modified Rules:

* 1:53688 <-> SERVER-WEBAPP Adobe Experience Manager server side request forgery attempt
* 1:53733 <-> SERVER-WEBAPP IBM Data Risk Manager directory traversal attempt
* 1:53734 <-> SERVER-WEBAPP IBM Data Risk Manager nmap scan command execution attempt
* 1:53857 <-> SERVER-WEBAPP Grandstream UCM6202 series SQL injection attempt
* 1:53858 <-> SERVER-WEBAPP Grandstream UCM6202 series SQL injection attempt
* 1:53859 <-> SERVER-WEBAPP Grandstream UCM6202 series SQL injection attempt
* 1:53860 <-> SERVER-WEBAPP Centurylink router unauthenticated administrator account disable attempt
* 1:53967 <-> SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt
* 1:53968 <-> SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt
* 1:53969 <-> SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt
* 1:53970 <-> SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt
* 1:54003 <-> SERVER-WEBAPP Axway SecureTransport XML external entity injection attempt
* 1:54012 <-> SERVER-WEBAPP ASUS ASUSWRT appGet.cgi command injection attempt
* 1:54195 <-> SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt
* 1:54196 <-> SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt
* 1:54197 <-> SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt
* 1:54198 <-> SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt
* 1:54272 <-> SERVER-WEBAPP Centreon Monitoring tool command injection attempt
* 1:54273 <-> SERVER-WEBAPP Centreon Monitoring tool command injection attempt
* 1:54405 <-> SERVER-WEBAPP PHP php_strip_tags_ex function out-of-bounds read attempt
* 1:54462 <-> SERVER-WEBAPP F5 BIG-IP Traffic Management User Interface remote code execution attempt
* 1:54484 <-> SERVER-WEBAPP F5 BIG-IP Traffic Management User Interface remote code execution attempt
* 1:54511 <-> SERVER-WEBAPP Microsoft Windows .NET API XML unsafe deserialization attempt
* 1:54556 <-> SERVER-WEBAPP BSA Radar local file inclusion attempt
* 1:54558 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54559 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54565 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54566 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54567 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54569 <-> SERVER-WEBAPP Barangay Management System SQL injection attempt
* 1:54570 <-> SERVER-WEBAPP Barangay Management System SQL injection attempt
* 1:54596 <-> SERVER-WEBAPP WordPress bbPress plugin unauthenticated privilege escalation attempt
* 1:54597 <-> SERVER-WEBAPP WordPress bbPress plugin unauthenticated privilege escalation attempt
* 1:54602 <-> SERVER-WEBAPP Laravel Framework PendingCommand arbitrary command execution attempt
* 1:54603 <-> SERVER-WEBAPP Laravel Framework PendingCommand arbitrary command execution attempt
* 1:54617 <-> SERVER-WEBAPP GeoVision Door Access Control hidden url access attempt
* 1:54629 <-> SERVER-WEBAPP Microsoft Windows .NET API XML unsafe deserialization attempt
* 1:54649 <-> SERVER-WEBAPP Apache Kylin REST API migrate command injection attempt
* 1:54650 <-> SERVER-WEBAPP Apache Kylin REST API migrate command injection attempt
* 1:54670 <-> SERVER-WEBAPP Rockwell FactoryTalk View SE project list disclosure attempt
* 1:54671 <-> SERVER-WEBAPP Rockwell FactoryTalk View SE project information disclosure attempt
* 1:54672 <-> SERVER-WEBAPP Rockwell FactoryTalk View SE remote code execution attempt
* 1:54674 <-> SERVER-WEBAPP Rockwell FactoryTalk View SE remote project copy attempt
* 1:54684 <-> SERVER-WEBAPP Microsoft Windows .NET API XML unsafe deserialization attempt
* 1:54767 <-> SERVER-WEBAPP vBulletin template rendering arbitrary PHP code execution attempt
* 1:54768 <-> SERVER-WEBAPP vBulletin template rendering arbitrary PHP code execution attempt
* 1:54794 <-> SERVER-WEBAPP Zeroshell Linux Router command injection attempt
* 1:54795 <-> SERVER-WEBAPP Zeroshell Linux Router command injection attempt
* 1:54796 <-> SERVER-WEBAPP Zeroshell Linux Router command injection attempt
* 1:54797 <-> SERVER-WEBAPP Zeroshell Linux Router command injection attempt
* 1:54824 <-> SERVER-WEBAPP Intellian Aptus Web arbitrary command execution attempt
* 1:55778 <-> SERVER-WEBAPP Wordpress File Manager plugin elFinder remote code execution attempt
* 1:55797 <-> SERVER-WEBAPP Wordpress plugin WP Database Reset database reset attempt
* 1:55823 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:55824 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:55825 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:55826 <-> SERVER-WEBAPP Microsoft Exchange Server DlpUtils remote code execution attempt
* 1:55827 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet multiple functions SQL injection attempt
* 1:55828 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet multiple functions SQL injection attempt
* 1:55829 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet multiple functions SQL injection attempt
* 1:55834 <-> SERVER-WEBAPP Wordpress Nexos theme cross site scripting attempt
* 1:55835 <-> SERVER-WEBAPP Wordpress Nexos theme cross site scripting attempt
* 1:55836 <-> SERVER-WEBAPP Wordpress Nexos theme SQL injection attempt
* 1:55837 <-> SERVER-WEBAPP Wordpress Nexos theme SQL injection attempt
* 1:55838 <-> SERVER-WEBAPP Wordpress Nexos theme SQL injection attempt
* 1:55839 <-> SERVER-WEBAPP Multiple products DVR admin password leak attempt
* 1:55918 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:55919 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:55920 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:55921 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:55981 <-> SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 command injection attempt
* 1:56005 <-> SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 SQL injection attempt
* 1:56006 <-> SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 SQL injection attempt
* 1:56007 <-> SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 SQL injection attempt
* 1:56082 <-> SERVER-WEBAPP Wordpress WP Database Backup plug-in command injection attempt
* 1:56083 <-> SERVER-WEBAPP Wordpress WP Database Backup plug-in command injection attempt
* 1:56135 <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt
* 1:56136 <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt
* 1:56138 <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt
* 1:56154 <-> SERVER-WEBAPP MobileIron Core & Connector remote code execution attempt
* 1:56155 <-> SERVER-WEBAPP MobileIron Core & Connector remote code execution attempt
* 1:56162 <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt
* 1:56200 <-> SERVER-WEBAPP Oracle WebLogic Server command injection attempt
* 1:56201 <-> SERVER-WEBAPP Oracle WebLogic Server command injection attempt
* 1:56202 <-> SERVER-WEBAPP Oracle WebLogic Server command injection attempt
* 1:56203 <-> SERVER-WEBAPP Oracle WebLogic Server command injection attempt
* 1:56304 <-> SERVER-WEBAPP Microsoft SharePoint remote code execution attempt
* 1:56305 <-> SERVER-WEBAPP Microsoft SharePoint remote code execution attempt
* 1:56404 <-> SERVER-WEBAPP Cisco Security Manager XmpFileUploadServlet arbitrary JSP file upload attempt
* 1:56405 <-> SERVER-WEBAPP Cisco Security Manager XmpFileUploadServlet directory traversal attempt
* 1:56414 <-> SERVER-WEBAPP Cisco Security Manager XmpFileDownloadServlet directory traversal attempt
* 1:56415 <-> SERVER-WEBAPP Cisco Security Manager XmpFileDownloadServlet directory traversal attempt
* 1:56416 <-> SERVER-WEBAPP Cisco Security Manager XmpFileDownloadServlet directory traversal attempt
* 1:56417 <-> SERVER-WEBAPP Cisco Security Manager SampleFileDownloadServlet directory traversal attempt
* 1:56418 <-> SERVER-WEBAPP Cisco Security Manager SampleFileDownloadServlet directory traversal attempt
* 1:56419 <-> SERVER-WEBAPP Cisco Security Manager SampleFileDownloadServlet directory traversal attempt
* 1:56420 <-> SERVER-WEBAPP Cisco Security Manager resultsFrame directory traversal attempt
* 1:56421 <-> SERVER-WEBAPP Cisco Security Manager resultsFrame directory traversal attempt
* 1:56422 <-> SERVER-WEBAPP Cisco Security Manager resultsFrame directory traversal attempt
* 1:56423 <-> SERVER-WEBAPP Cisco Security Manager xdmProxy directory traversal attempt
* 1:56432 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:56433 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:56434 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:56435 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:56497 <-> SERVER-WEBAPP Multiple Products Java Faces ViewState deserialization remote code execution attempt
* 1:56519 <-> SERVER-WEBAPP WordPress plugin Autoptimize arbitrary PHP file upload attempt
* 1:56520 <-> SERVER-WEBAPP QNAP QTS and Photo Station directory traversal attempt
* 1:56521 <-> SERVER-WEBAPP QNAP QTS and Photo Station directory traversal attempt
* 1:56522 <-> SERVER-WEBAPP QNAP QTS and Photo Station directory traversal attempt
* 1:56523 <-> SERVER-WEBAPP Joomla Core Featured Article SQL injection attempt
* 1:56524 <-> SERVER-WEBAPP Joomla Core Featured Article SQL injection attempt
* 1:56525 <-> SERVER-WEBAPP Joomla Core Featured Article SQL injection attempt
* 1:56532 <-> SERVER-WEBAPP Advantech WebAccess NMS directory traversal attempt
* 1:56533 <-> SERVER-WEBAPP Advantech WebAccess NMS directory traversal attempt
* 1:56534 <-> SERVER-WEBAPP Advantech WebAccess NMS directory traversal attempt
* 1:56545 <-> SERVER-WEBAPP rConfig commands.inc.php SQL injection attempt
* 1:56550 <-> SERVER-WEBAPP Ruckus IoT Controller Web UI authentication bypass attempt
* 1:56551 <-> SERVER-WEBAPP  Ruckus IoT Controller Web UI OS username command injection attempt
* 1:56557 <-> SERVER-WEBAPP Microsoft Dynamics365 Finance and Operations remote code execution attempt
* 1:56558 <-> SERVER-WEBAPP Microsoft Dynamics365 Finance and Operations remote code execution attempt
* 1:56586 <-> SERVER-WEBAPP Zoho ManageEngine ServiceDesk Plus arbitrary JSP file upload attempt
* 1:56604 <-> SERVER-WEBAPP Microsoft Dynamics NAV remote code execution attempt
* 1:56624 <-> SERVER-WEBAPP rConfig command injection attempt
* 1:56625 <-> SERVER-WEBAPP rConfig command injection attempt
* 1:56626 <-> SERVER-WEBAPP rConfig command injection attempt
* 1:56627 <-> SERVER-WEBAPP rConfig command injection attempt
* 1:56799 <-> SERVER-WEBAPP Liferay arbitrary Java object deserialization attempt
* 1:56800 <-> SERVER-WEBAPP Liferay arbitrary Java object deserialization attempt
* 1:56823 <-> SERVER-WEBAPP Citrix CakePHP command injection attempt
* 1:56824 <-> SERVER-WEBAPP Citrix CakePHP command injection attempt
* 1:56826 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56827 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56828 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56829 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56830 <-> SERVER-WEBAPP WordPress Adning Advertising plugin arbitrary PHP file upload attempt
* 1:56831 <-> SERVER-WEBAPP WordPress Adning Advertising plugin arbitrary PHP file upload attempt
* 1:56877 <-> SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt
* 1:56878 <-> SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt
* 1:56879 <-> SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt
* 1:56880 <-> SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt
* 1:56916 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56917 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56934 <-> SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt
* 1:56935 <-> SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt
* 1:56936 <-> SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt
* 1:56937 <-> SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt
* 1:56990 <-> SERVER-WEBAPP Apache Unomi OGNL MVEL2 remote command execution attempt
* 1:57002 <-> SERVER-WEBAPP Belkin Wemo UPnP cross site scripting attempt
* 1:57048 <-> SERVER-WEBAPP SaltStack Salt API SSH Client command injection attempt
* 1:57049 <-> SERVER-WEBAPP SaltStack Salt API SSH Client command injection attempt
* 1:57072 <-> SERVER-WEBAPP Cisco RV Series Routers directory traversal attempt
* 1:57074 <-> SERVER-WEBAPP Cisco RV Series Routers directory traversal attempt
* 1:57075 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57076 <-> SERVER-WEBAPP Cisco RV Series Routers command injection attempt
* 1:57078 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57079 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57080 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57081 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57082 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57084 <-> SERVER-WEBAPP Cisco RV series routers command injection attempt
* 1:57085 <-> SERVER-WEBAPP Cisco RV series routers command injection attempt
* 1:57086 <-> SERVER-WEBAPP Cisco RV Series routers command injection attempt
* 1:57088 <-> SERVER-WEBAPP Cisco Small Business RV Series routers command injection attempt
* 1:57089 <-> SERVER-WEBAPP Cisco Small Business RV Series routers command injection attempt
* 1:57095 <-> SERVER-WEBAPP Cisco RV Series routers command injection attempt
* 1:57096 <-> SERVER-WEBAPP Cisco RV Series routers command injection attempt
* 1:57098 <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt
* 1:57099 <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt
* 1:57100 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57101 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57102 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57105 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57109 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57110 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57113 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57114 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57126 <-> SERVER-WEBAPP Monstra CMS cross-site scripting attempt
* 1:57127 <-> SERVER-WEBAPP Monstra CMS cross-site scripting attempt
* 1:57158 <-> SERVER-WEBAPP Oracle WebLogic consolejndi remote code execution attempt
* 1:57159 <-> SERVER-WEBAPP Oracle WebLogic consolejndi remote code execution attempt
* 1:57176 <-> SERVER-WEBAPP MikroTik RouterOS buffer overflow attempt
* 1:57177 <-> SERVER-WEBAPP MikroTik RouterOS buffer overflow attempt
* 1:57178 <-> SERVER-WEBAPP Monstra CMS registration form cross site scripting attempt
* 1:57179 <-> SERVER-WEBAPP Monstra CMS registration form cross site scripting attempt
* 1:57182 <-> SERVER-WEBAPP VMware administrative configurator component command injection attempt
* 1:57183 <-> SERVER-WEBAPP VMware administrative configurator component command injection attempt
* 1:57184 <-> SERVER-WEBAPP VMware administrative configurator component command injection attempt
* 1:57185 <-> SERVER-WEBAPP VMware administrative configurator component command injection attempt
* 1:57188 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center arbitrary Java object deserialization attempt
* 1:57224 <-> SERVER-WEBAPP Trend Micro Control Manager directory traversal attempt
* 1:57225 <-> SERVER-WEBAPP Trend Micro Control Manager directory traversal attempt
* 1:57226 <-> SERVER-WEBAPP Trend Micro Control Manager directory traversal attempt
* 1:57229 <-> SERVER-WEBAPP VMware vSphere Client vROPs plugin remote code execution attempt
* 1:57241 <-> SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt
* 1:57242 <-> SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt
* 1:57243 <-> SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt
* 1:57244 <-> SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt
* 1:57245 <-> SERVER-WEBAPP Microsoft Exchange Server arbitrary file write attempt
* 1:57246 <-> SERVER-WEBAPP Microsoft Exchange Server arbitrary file write attempt
* 1:57275 <-> SERVER-WEBAPP ysoserial TypeConfuseDelegate deserialization exploit attempt
* 1:57276 <-> SERVER-WEBAPP Microsoft SharePoint potential deserialization attempt
* 1:57283 <-> SERVER-WEBAPP Liferay arbitrary Java object deserialization attempt
* 1:57298 <-> SERVER-WEBAPP F5 iControl REST interface command injection attempt
* 1:57324 <-> SERVER-WEBAPP Netis WF2419 router command injection attempt
* 1:57325 <-> SERVER-WEBAPP Netis WF2419 router command injection attempt
* 1:57326 <-> SERVER-WEBAPP Netis WF2419 router command injection attempt
* 1:57327 <-> SERVER-WEBAPP Netis WF2419 router command injection attempt
* 1:57328 <-> SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt
* 1:57329 <-> SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt
* 1:57330 <-> SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt
* 1:57331 <-> SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt
* 1:57332 <-> SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt
* 1:57333 <-> SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt
* 1:57334 <-> SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt
* 1:57335 <-> SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt
* 1:57337 <-> SERVER-WEBAPP F5 iControl REST interface ssrf attempt
* 1:57389 <-> SERVER-WEBAPP Advantech iView DeviceTreeTable directory traversal attempt
* 1:57390 <-> SERVER-WEBAPP Advantech iView DeviceTreeTable directory traversal attempt
* 1:57391 <-> SERVER-WEBAPP Advantech iView DeviceTreeTable directory traversal attempt
* 1:57406 <-> SERVER-WEBAPP Palo Alto Networks management interface command injection attempt
* 1:57407 <-> SERVER-WEBAPP Palo Alto Networks management interface command injection attempt
* 1:57408 <-> SERVER-WEBAPP Palo Alto Networks management interface command injection attempt
* 1:57409 <-> SERVER-WEBAPP Palo Alto Networks management interface command injection attempt
* 1:57412 <-> SERVER-WEBAPP Nagios XI do_update_user SQL injection attempt
* 1:57413 <-> SERVER-WEBAPP Nagios XI do_update_user SQL injection attempt
* 1:57426 <-> SERVER-WEBAPP Zend and laminas-http frameworks streamName PHP object injection attempt
* 1:57434 <-> SERVER-WEBAPP VMware vRealize Operations Manager directory traversal attempt
* 1:57435 <-> SERVER-WEBAPP VMware vRealize Operations Manager SSRF attempt
* 1:57436 <-> SERVER-WEBAPP VMware View Planner logupload directory traversal attempt
* 1:57437 <-> SERVER-WEBAPP VMware View Planner logupload directory traversal attempt
* 1:57438 <-> SERVER-WEBAPP VMware View Planner logupload arbitrary file upload attempt
* 1:57439 <-> SERVER-WEBAPP VMware View Planner logupload arbitrary file upload attempt
* 1:57442 <-> SERVER-WEBAPP Terramaster TOS command injection attempt
* 1:57443 <-> SERVER-WEBAPP Terramaster TOS command injection attempt
* 1:57444 <-> SERVER-WEBAPP Terramaster TOS command injection attempt
* 1:57445 <-> SERVER-WEBAPP Terramaster TOS command injection attempt
* 1:57449 <-> SERVER-WEBAPP F5 TMM crafted IPv6 URI buffer overflow attempt
* 1:57453 <-> SERVER-WEBAPP Pulse Connect Secure remote code execution attempt
* 1:57481 <-> SERVER-WEBAPP ManageEngine OpManager directory traversal attempt
* 1:57482 <-> SERVER-WEBAPP ManageEngine OpManager directory traversal attempt
* 1:57483 <-> SERVER-WEBAPP ManageEngine OpManager directory traversal attempt
* 1:57487 <-> SERVER-WEBAPP Microsoft Exchange MeetingHandler remote code execution attempt
* 1:57490 <-> SERVER-WEBAPP Klog Server authenticate.php user command injection attempt
* 1:57491 <-> SERVER-WEBAPP Klog Server authenticate.php user command injection attempt
* 1:57492 <-> SERVER-WEBAPP Klog Server authenticate.php user command injection attempt
* 1:57493 <-> SERVER-WEBAPP Klog Server authenticate.php user command injection attempt
* 1:57494 <-> SERVER-WEBAPP Micro Focus Operations Bridge Manager remote code execution attempt
* 1:57500 <-> SERVER-WEBAPP HPE Intelligent Management Center IccSelectDevTypeBean Expression Language Injection Java expression language injection attempt
* 1:57511 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57512 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57513 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57514 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57515 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57516 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57517 <-> SERVER-WEBAPP Serendipity index.php SQL injection attempt
* 1:57518 <-> SERVER-WEBAPP Serendipity index.php SQL injection attempt
* 1:57519 <-> SERVER-WEBAPP Serendipity index.php SQL injection attempt
* 1:57548 <-> SERVER-WEBAPP Microsoft SharePoint authenticated remote code execution attempt
* 1:57570 <-> SERVER-WEBAPP WordPRess DZS Video Gallery directory traversal attempt
* 1:57571 <-> SERVER-WEBAPP WordPRess DZS Video Gallery directory traversal attempt
* 1:57572 <-> SERVER-WEBAPP WordPRess DZS Video Gallery directory traversal attempt
* 1:57573 <-> SERVER-WEBAPP WordPress DZS Video Gallery remote file include attempt
* 1:57574 <-> SERVER-WEBAPP WordPress DZS Video Gallery remote file include attempt
* 1:57720 <-> SERVER-WEBAPP VMWare vSphere Client remote code execution attempt
* 1:57761 <-> SERVER-WEBAPP TP-Link WiFi router authenticated PingIframeRpm stack buffer overflow attempt
* 1:57762 <-> SERVER-WEBAPP TP-Link WiFi router authenticated WanStaticIpV6CfgRpm stack buffer overflow attempt
* 1:57809 <-> SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt
* 1:57810 <-> SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt
* 1:57811 <-> SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt
* 1:57812 <-> SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt
* 1:57834 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center remote code execution attempt
* 1:57841 <-> SERVER-WEBAPP Nagios Fusion command injection attempt
* 1:57856 <-> SERVER-WEBAPP Cisco ASA cross site scripting attempt
* 1:57857 <-> SERVER-WEBAPP Cisco ASA cross site scripting attempt
* 1:57860 <-> SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt
* 1:57861 <-> SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt
* 1:57862 <-> SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt
* 1:57863 <-> SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt
* 1:57872 <-> SERVER-WEBAPP Facade Ignition remote code execution attempt
* 1:57902 <-> SERVER-WEBAPP HPE Systems Insight Manager remote code execution attempt
* 1:57906 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:57907 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:57908 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:57909 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:57910 <-> SERVER-WEBAPP Microsoft SharePoint Server authenticated remote code execution attempt
* 1:57911 <-> SERVER-WEBAPP Nagios XI monitoringplugins.php command injection attempt
* 1:57912 <-> SERVER-WEBAPP ForgeRock Open Access Manager remote code execution attempt
* 1:57913 <-> SERVER-WEBAPP ForgeRock Open Access Manager remote code execution attempt
* 1:57954 <-> SERVER-WEBAPP Velocloud VMware SD-WAN Orchestrator SQL injection attempt
* 1:57983 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:58018 <-> SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt
* 1:58019 <-> SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt
* 1:58020 <-> SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt
* 1:58021 <-> SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt
* 1:58026 <-> SERVER-WEBAPP Zoho ManageEngine OpManager OPMDeviceDetailsServlet SQL injection attempt
* 1:58027 <-> SERVER-WEBAPP Zoho ManageEngine OpManager OPMDeviceDetailsServlet SQL injection attempt
* 1:58028 <-> SERVER-WEBAPP Zoho ManageEngine OpManager OPMDeviceDetailsServlet SQL injection attempt
* 1:58042 <-> SERVER-WEBAPP Serv-U FTP Server stored cross site scripting attempt
* 1:58043 <-> SERVER-WEBAPP Serv-U FTP Server stored cross site scripting attempt
* 1:58052 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58053 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58054 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58055 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58056 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58057 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58058 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58059 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58063 <-> SERVER-WEBAPP Kentico CMS unsafe deserialization remote code execution attempt
* 1:58064 <-> SERVER-WEBAPP Kentico CMS unsafe deserialization remote code execution attempt
* 1:58067 <-> SERVER-WEBAPP Apache Flink FileUploadHandler directory traversal attempt
* 1:58068 <-> SERVER-WEBAPP Apache Flink FileUploadHandler directory traversal attempt
* 1:58069 <-> SERVER-WEBAPP Apache Flink FileUploadHandler directory traversal attempt
* 1:58093 <-> SERVER-WEBAPP Atlassian Confluence OGNL injection remote code execution attempt
* 1:58094 <-> SERVER-WEBAPP Atlassian Confluence OGNL injection remote code execution attempt
* 1:58111 <-> SERVER-WEBAPP Microsoft SharePoint remote code execution attempt
* 1:58112 <-> SERVER-WEBAPP Microsoft SharePoint remote code execution attempt
* 1:58113 <-> SERVER-WEBAPP Microsoft SharePoint machinekey information disclosure attempt
* 1:58169 <-> SERVER-WEBAPP Microsoft Windows Open Management Infrastructure remote code execution attempt
* 1:58170 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt
* 1:58171 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt
* 1:58172 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt
* 1:58173 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt
* 1:58201 <-> SERVER-WEBAPP Zoho ManageEngine ADSelfService Plus RestAPI authentication bypass attempt
* 1:58217 <-> SERVER-WEBAPP VMware vCenter Server remote code execution attempt
* 1:58218 <-> SERVER-WEBAPP VMware vCenter Server file upload attempt
* 1:58219 <-> SERVER-WEBAPP VMware vCenter Server file upload attempt
* 1:58224 <-> SERVER-WEBAPP SonicWall SMA100 SQL injection attempt
* 1:58225 <-> SERVER-WEBAPP SonicWall SMA100 SQL injection attempt
* 1:58226 <-> SERVER-WEBAPP SonicWall SMA100 SQL injection attempt
* 1:58227 <-> SERVER-WEBAPP Dell EMC Virtual Appliance Manager undocumented credential use attempt
* 1:58230 <-> SERVER-WEBAPP QNAP NAS Malware Remover directory traversal attempt
* 1:58231 <-> SERVER-WEBAPP QNAP NAS Malware Remover directory traversal attempt
* 1:58232 <-> SERVER-WEBAPP QNAP NAS Malware Remover directory traversal attempt
* 1:58242 <-> SERVER-WEBAPP Sophos XG Firewall SQL injection attempt
* 1:58245 <-> SERVER-WEBAPP UDP Technology IP Camera command injection attempt
* 1:58246 <-> SERVER-WEBAPP UDP Technology IP Camera command injection attempt
* 1:58247 <-> SERVER-WEBAPP UDP Technology IP Camera command injection attempt
* 1:58248 <-> SERVER-WEBAPP UDP Technology IP Camera command injection attempt
* 1:58249 <-> SERVER-WEBAPP Microsoft Exchange server security feature bypass attempt
* 1:58260 <-> SERVER-WEBAPP AlienVault Unified Security Management SQL injection attempt
* 1:58261 <-> SERVER-WEBAPP AlienVault Unified Security Management SQL injection attempt
* 1:58262 <-> SERVER-WEBAPP AlienVault Unified Security Management SQL injection attempt
* 1:58263 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58264 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58265 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58266 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58267 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58268 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58269 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:58270 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:58271 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:58272 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:58273 <-> SERVER-WEBAPP QNAP HBS 3 authorization bypass attempt
* 1:58274 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center faultDevParasSet expression language injection attempt
* 1:58275 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center faultDevParasSet expression language injection attempt
* 1:58282 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center perfAddFormServer Java expression language injection attempt
* 1:58283 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center perfSelItemServer Java expression language injection attempt
* 1:58284 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center FileUploadServlet Unrestricted arbitrary JSP file upload attempt
* 1:58285 <-> SERVER-WEBAPP Trend Micro Control Manager ProductTree_RightWindow XML external entity injection attempt
* 1:58290 <-> SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt
* 1:58291 <-> SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt
* 1:58292 <-> SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt
* 1:58293 <-> SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt
* 1:58315 <-> SERVER-WEBAPP Microsoft SharePoint Server remote code execution attempt
* 1:58316 <-> SERVER-WEBAPP Microsoft SharePoint Server remote code execution attempt
* 1:58318 <-> SERVER-WEBAPP Microsoft SharePoint Server remote code execution attempt
* 1:58320 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formChangePass username SQL injection attempt
* 1:58321 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formChangePass username SQL injection attempt
* 1:58322 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formChangePass username SQL injection attempt
* 1:58323 <-> SERVER-WEBAPP Advantech WebAccess Node Quality ItemGroupIdAry SQL injection attempt
* 1:58324 <-> SERVER-WEBAPP Advantech WebAccess Node Quality ItemGroupIdAry SQL injection attempt
* 1:58325 <-> SERVER-WEBAPP Advantech WebAccess Node Quality ItemGroupIdAry SQL injection attempt
* 1:58326 <-> SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt
* 1:58327 <-> SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt
* 1:58328 <-> SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt
* 1:58329 <-> SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt
* 1:58330 <-> SERVER-WEBAPP Advantech WebAccess Node controlNode bnid SQL injection attempt
* 1:58331 <-> SERVER-WEBAPP Advantech WebAccess Node controlNode bnid SQL injection attempt
* 1:58332 <-> SERVER-WEBAPP Advantech WebAccess Node controlNode bnid SQL injection attempt
* 1:58333 <-> SERVER-WEBAPP Trend Micro Control Manager DeploymentPlan_Event_Handler XML external entity injection attempt
* 1:58337 <-> SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt
* 1:58338 <-> SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt
* 1:58339 <-> SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt
* 1:58340 <-> SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt
* 1:58341 <-> SERVER-WEBAPP PHPMyAdmin SearchController SQL injection attempt
* 1:58342 <-> SERVER-WEBAPP PHPMyAdmin SearchController SQL injection attempt
* 1:58343 <-> SERVER-WEBAPP PHPMyAdmin SearchController SQL injection attempt
* 1:58352 <-> SERVER-WEBAPP GE MDS PulseNET IntegrationXMLProcessorServlet UpdateProblemTickets XML external entity injection attempt
* 1:58353 <-> SERVER-WEBAPP Advantech WebAccess Node Quality_Reg ItemIdAry SQL injection attempt
* 1:58355 <-> SERVER-WEBAPP GE MDS PulseNET HealthCheck arbitrary Java object deserialization attempt
* 1:58362 <-> SERVER-WEBAPP Advantech WebAccess Node BWSCADASoap ProjectName SQL injection attempt
* 1:58375 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center iccSelectCommand expression language injection attempt
* 1:58376 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center iccSelectCommand expression language injection attempt
* 1:58377 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center eventInfo_content expression language injection attempt
* 1:58378 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center eventInfo_content expression language injection attempt
* 1:58379 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center devSoftSel Java expression language injection attempt
* 1:58380 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center devSoftSel Java expression language injection attempt
* 1:58381 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formConfiguration saveValue SQL injection attempt
* 1:58382 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formConfiguration saveValue SQL injection attempt
* 1:58383 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formConfiguration saveValue SQL injection attempt
* 1:58384 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center operationSelect Java expression language injection attempt
* 1:58385 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center operationSelect Java expression language injection attempt
* 1:58388 <-> SERVER-WEBAPP ARRIS VAP2500 config_wds command injection attempt
* 1:58396 <-> SERVER-WEBAPP Nagios XI PHP file injection attempt
* 1:58397 <-> SERVER-WEBAPP Nagios XI PHP file injection attempt
* 1:58398 <-> SERVER-WEBAPP Nagios XI PHP file injection attempt
* 1:58399 <-> SERVER-WEBAPP Nagios XI directory traversal attempt
* 1:58400 <-> SERVER-WEBAPP Nagios XI directory traversal attempt
* 1:58401 <-> SERVER-WEBAPP Nagios XI directory traversal attempt
* 1:58403 <-> SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt
* 1:58404 <-> SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt
* 1:58405 <-> SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt
* 1:58406 <-> SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt
* 1:58407 <-> SERVER-WEBAPP Nagios XI bulk modification tool SQL injection attempt
* 1:58408 <-> SERVER-WEBAPP Nagios XI bulk modification tool SQL injection attempt
* 1:58409 <-> SERVER-WEBAPP Nagios XI bulk modification tool SQL injection attempt
* 1:58410 <-> SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt
* 1:58411 <-> SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt
* 1:58412 <-> SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt
* 1:58413 <-> SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt
* 1:58418 <-> SERVER-WEBAPP ReadyDesk 9.1 OpenAttach2 directory traversal attempt
* 1:58419 <-> SERVER-WEBAPP ReadyDesk 9.1 OpenAttach2 directory traversal attempt
* 1:58420 <-> SERVER-WEBAPP ReadyDesk 9.1 OpenAttach2 directory traversal attempt
* 1:58421 <-> SERVER-WEBAPP BillQuick Web Suite SQL injection attempt
* 1:58422 <-> SERVER-WEBAPP BillQuick Web Suite SQL injection attempt
* 1:58423 <-> SERVER-WEBAPP BillQuick Web Suite SQL injection attempt
* 1:58424 <-> SERVER-WEBAPP Schneider Electric Umotion Builder Virtual Appliance Css directory traversal attempt
* 1:58425 <-> SERVER-WEBAPP Schneider Electric Umotion Builder Virtual Appliance Css directory traversal attempt
* 1:58426 <-> SERVER-WEBAPP Schneider Electric Umotion Builder Virtual Appliance Css directory traversal attempt
* 1:58427 <-> SERVER-WEBAPP Trend Micro Control Manager widget_old_SP1 dlp_policy directory traversal attempt
* 1:58428 <-> SERVER-WEBAPP Trend Micro Control Manager Widget modDLPViolationCntdrildown.php directory traversal attempt
* 1:58454 <-> SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt
* 1:58455 <-> SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt
* 1:58456 <-> SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt
* 1:58457 <-> SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt
* 1:58464 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance File Deletion directory traversal attempt
* 1:58465 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance File Deletion directory traversal attempt
* 1:58466 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance File Deletion directory traversal attempt
* 1:58467 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance directory traversal attempt
* 1:58468 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance directory traversal attempt
* 1:58469 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance directory traversal attempt
* 1:58470 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector Virtual Appliance policy_setting arbitrary PHP file upload attempt
* 1:58471 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:58472 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:58473 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:58475 <-> SERVER-WEBAPP Oracle WebLogic Server DeploymentService directory traversal attempt
* 1:58476 <-> SERVER-WEBAPP Oracle WebLogic Server DeploymentService directory traversal attempt
* 1:58487 <-> SERVER-WEBAPP WordPress Snap Creek Duplicator and Duplicator Pro plugins directory traversal attempt
* 1:58499 <-> SERVER-WEBAPP Zyxel Unified Security Gateway undocumented administrator account login attempt
* 1:58500 <-> SERVER-WEBAPP Zyxel Unified Security Gateway undocumented administrator account login attempt
* 1:58502 <-> SERVER-WEBAPP SonicWall Email Security directory traversal attempt
* 1:58503 <-> SERVER-WEBAPP SonicWall Email Security directory traversal attempt
* 1:58504 <-> SERVER-WEBAPP SonicWall Email Security directory traversal attempt
* 1:58505 <-> SERVER-WEBAPP Tenda Router command injection attempt
* 1:58506 <-> SERVER-WEBAPP Tenda Router command injection attempt
* 1:58507 <-> SERVER-WEBAPP Tenda Router command injection attempt
* 1:58508 <-> SERVER-WEBAPP Tenda Router command injection attempt
* 1:58509 <-> SERVER-WEBAPP Accellion File Transfer Appliance SQL injection attempt
* 1:58510 <-> SERVER-WEBAPP EyesOfNetwork SQL injection attempt
* 1:58511 <-> SERVER-WEBAPP EyesOfNetwork SQL injection attempt
* 1:58512 <-> SERVER-WEBAPP EyesOfNetwork SQL injection attempt
* 1:58513 <-> SERVER-WEBAPP Advantech WebAccess updateTemplate SQL injection attempt
* 1:58514 <-> SERVER-WEBAPP EyesOfNetwork autodiscovery command injection attempt
* 1:58515 <-> SERVER-WEBAPP EyesOfNetwork autodiscovery command injection attempt
* 1:58517 <-> SERVER-WEBAPP GE MDS PulseNET IntegrationXMLProcessorServlet AlarmActions XML external entity injection attempt
* 1:58521 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center perfInsListServer Java expression language injection attempt
* 1:58522 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php command injection attempt
* 1:58523 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php command injection attempt
* 1:58525 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center directory traversal attempt
* 1:58529 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58530 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58531 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58532 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58533 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58538 <-> SERVER-WEBAPP Arcadyan routers path traversal attempt
* 1:58542 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet EmailMessageDetected SQL injection attempt
* 1:58543 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet EmailMessageDetected SQL injection attempt
* 1:58544 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet EmailMessageDetected SQL injection attempt
* 1:58546 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center TopoBroadcastServlet arbitrary Java object deserialization attempt
* 1:58555 <-> SERVER-WEBAPP Hikvision webLanguage command injection vulnerability
* 1:58562 <-> SERVER-WEBAPP Oracle WebLogic Server remote code execution attempt
* 1:58563 <-> SERVER-WEBAPP GE MDS PulseNET foglight service arbitrary Java object deserialization attempt
* 1:58567 <-> SERVER-WEBAPP Roundcube Webmail file disclosure attempt
* 1:58568 <-> SERVER-WEBAPP Roundcube Webmail file disclosure attempt
* 1:58569 <-> SERVER-WEBAPP Roundcube Webmail file disclosure attempt
* 1:58576 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt
* 1:58577 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt
* 1:58578 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt
* 1:58579 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt
* 1:58588 <-> SERVER-WEBAPP SolarWinds Network Configuration Manager remote file include attempt
* 1:58589 <-> SERVER-WEBAPP SolarWinds Network Configuration Manager remote file include attempt
* 1:58592 <-> SERVER-WEBAPP SaltStack pillar_roots directory traversal attempt
* 1:58593 <-> SERVER-WEBAPP SaltStack pillar_roots directory traversal attempt
* 1:58594 <-> SERVER-WEBAPP SaltStack pillar_roots directory traversal attempt
* 1:58595 <-> SERVER-WEBAPP OpenEMR backup.php command injection attempt
* 1:58596 <-> SERVER-WEBAPP OpenEMR backup.php command injection attempt
* 1:58605 <-> SERVER-WEBAPP Citrix StoreFront Server XML external entity injection attempt
* 1:58606 <-> SERVER-WEBAPP SAP NetWeaver AS JAVA CRM log injection attempt
* 1:58607 <-> SERVER-WEBAPP SAP NetWeaver AS JAVA CRM log injection attempt
* 1:58608 <-> SERVER-WEBAPP SAP NetWeaver AS JAVA CRM log injection attempt
* 1:66336 <-> SERVER-WEBAPP FlowiseAI Flowise arbitrary code execution attempt

31350

2026-04-23 13:35:22 UTC

Snort Subscriber Rules Update

Date: 2026-04-22-001

This is the complete list of rules modified and added in the Cisco Talos Certified rule pack for Snort version 3.1.35.0.

The format of the file is:

gid:sid <-> Message

New Rules:

* 1:66354 <-> SERVER-WEBAPP WordPress SEO Plugin SQL injection attempt
* 1:66355 <-> SERVER-WEBAPP WordPress SEO Plugin SQL injection attempt
* 1:66356 <-> SERVER-WEBAPP WordPress SEO Plugin SQL injection attempt
* 1:66357 <-> SERVER-WEBAPP WordPress My Calendar Plugin SQL injection attempt
* 1:66358 <-> SERVER-WEBAPP WordPress My Calendar Plugin SQL injection attempt
* 1:66359 <-> SERVER-WEBAPP WordPress My Calendar Plugin SQL injection attempt
* 1:66360 <-> SERVER-WEBAPP WordPress WP Statistics Plugin SQL injection attempt
* 1:66361 <-> SERVER-WEBAPP WordPress WP Statistics Plugin SQL injection attempt
* 1:66362 <-> SERVER-WEBAPP WordPress WP Statistics Plugin SQL injection attempt
* 1:66363 <-> SERVER-WEBAPP WordPress Photo Gallery Plugin SQL injection attempt
* 1:66364 <-> SERVER-WEBAPP WordPress Photo Gallery Plugin SQL injection attempt
* 1:66365 <-> SERVER-WEBAPP WordPress Photo Gallery Plugin SQL injection attempt
* 1:66366 <-> SERVER-WEBAPP Arcserve UDP ASNative.dll denial of service attempt
* 1:66367 <-> SERVER-WEBAPP Kentico Xperience webshell upload attempt
* 1:66368 <-> SERVER-WEBAPP SonicWall GMS SQL injection attempt
* 1:66369 <-> SERVER-WEBAPP SonicWall GMS SQL injection attempt
* 1:66370 <-> SERVER-WEBAPP SonicWall GMS SQL injection attempt
* 1:66371 <-> SERVER-WEBAPP Netgear ProSAFE NMS300 SQL injection attempt
* 1:66372 <-> SERVER-WEBAPP Netgear ProSAFE NMS300 SQL injection attempt
* 1:66373 <-> SERVER-WEBAPP Netgear ProSAFE NMS300 SQL injection attempt
* 1:66374 <-> SERVER-WEBAPP Yawave WordPress Plugin SQL injection attempt
* 1:66375 <-> SERVER-WEBAPP Yawave WordPress Plugin SQL injection attempt
* 1:66376 <-> SERVER-WEBAPP Yawave WordPress Plugin SQL injection attempt
* 3:66377 <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2026-2379 attack attempt
* 3:66378 <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2026-2379 attack attempt
* 3:66379 <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2026-2379 attack attempt
* 3:66380 <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2026-2379 attack attempt

Modified Rules:

* 1:53688 <-> SERVER-WEBAPP Adobe Experience Manager server side request forgery attempt
* 1:53733 <-> SERVER-WEBAPP IBM Data Risk Manager directory traversal attempt
* 1:53734 <-> SERVER-WEBAPP IBM Data Risk Manager nmap scan command execution attempt
* 1:53857 <-> SERVER-WEBAPP Grandstream UCM6202 series SQL injection attempt
* 1:53858 <-> SERVER-WEBAPP Grandstream UCM6202 series SQL injection attempt
* 1:53859 <-> SERVER-WEBAPP Grandstream UCM6202 series SQL injection attempt
* 1:53860 <-> SERVER-WEBAPP Centurylink router unauthenticated administrator account disable attempt
* 1:53967 <-> SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt
* 1:53968 <-> SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt
* 1:53969 <-> SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt
* 1:53970 <-> SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt
* 1:54003 <-> SERVER-WEBAPP Axway SecureTransport XML external entity injection attempt
* 1:54012 <-> SERVER-WEBAPP ASUS ASUSWRT appGet.cgi command injection attempt
* 1:54195 <-> SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt
* 1:54196 <-> SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt
* 1:54197 <-> SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt
* 1:54198 <-> SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt
* 1:54272 <-> SERVER-WEBAPP Centreon Monitoring tool command injection attempt
* 1:54273 <-> SERVER-WEBAPP Centreon Monitoring tool command injection attempt
* 1:54405 <-> SERVER-WEBAPP PHP php_strip_tags_ex function out-of-bounds read attempt
* 1:54462 <-> SERVER-WEBAPP F5 BIG-IP Traffic Management User Interface remote code execution attempt
* 1:54484 <-> SERVER-WEBAPP F5 BIG-IP Traffic Management User Interface remote code execution attempt
* 1:54511 <-> SERVER-WEBAPP Microsoft Windows .NET API XML unsafe deserialization attempt
* 1:54556 <-> SERVER-WEBAPP BSA Radar local file inclusion attempt
* 1:54558 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54559 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54565 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54566 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54567 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54569 <-> SERVER-WEBAPP Barangay Management System SQL injection attempt
* 1:54570 <-> SERVER-WEBAPP Barangay Management System SQL injection attempt
* 1:54596 <-> SERVER-WEBAPP WordPress bbPress plugin unauthenticated privilege escalation attempt
* 1:54597 <-> SERVER-WEBAPP WordPress bbPress plugin unauthenticated privilege escalation attempt
* 1:54602 <-> SERVER-WEBAPP Laravel Framework PendingCommand arbitrary command execution attempt
* 1:54603 <-> SERVER-WEBAPP Laravel Framework PendingCommand arbitrary command execution attempt
* 1:54617 <-> SERVER-WEBAPP GeoVision Door Access Control hidden url access attempt
* 1:54629 <-> SERVER-WEBAPP Microsoft Windows .NET API XML unsafe deserialization attempt
* 1:54649 <-> SERVER-WEBAPP Apache Kylin REST API migrate command injection attempt
* 1:54650 <-> SERVER-WEBAPP Apache Kylin REST API migrate command injection attempt
* 1:54670 <-> SERVER-WEBAPP Rockwell FactoryTalk View SE project list disclosure attempt
* 1:54671 <-> SERVER-WEBAPP Rockwell FactoryTalk View SE project information disclosure attempt
* 1:54672 <-> SERVER-WEBAPP Rockwell FactoryTalk View SE remote code execution attempt
* 1:54674 <-> SERVER-WEBAPP Rockwell FactoryTalk View SE remote project copy attempt
* 1:54684 <-> SERVER-WEBAPP Microsoft Windows .NET API XML unsafe deserialization attempt
* 1:54767 <-> SERVER-WEBAPP vBulletin template rendering arbitrary PHP code execution attempt
* 1:54768 <-> SERVER-WEBAPP vBulletin template rendering arbitrary PHP code execution attempt
* 1:54794 <-> SERVER-WEBAPP Zeroshell Linux Router command injection attempt
* 1:54795 <-> SERVER-WEBAPP Zeroshell Linux Router command injection attempt
* 1:54796 <-> SERVER-WEBAPP Zeroshell Linux Router command injection attempt
* 1:54797 <-> SERVER-WEBAPP Zeroshell Linux Router command injection attempt
* 1:54824 <-> SERVER-WEBAPP Intellian Aptus Web arbitrary command execution attempt
* 1:55778 <-> SERVER-WEBAPP Wordpress File Manager plugin elFinder remote code execution attempt
* 1:55797 <-> SERVER-WEBAPP Wordpress plugin WP Database Reset database reset attempt
* 1:55823 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:55824 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:55825 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:55826 <-> SERVER-WEBAPP Microsoft Exchange Server DlpUtils remote code execution attempt
* 1:55827 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet multiple functions SQL injection attempt
* 1:55828 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet multiple functions SQL injection attempt
* 1:55829 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet multiple functions SQL injection attempt
* 1:55834 <-> SERVER-WEBAPP Wordpress Nexos theme cross site scripting attempt
* 1:55835 <-> SERVER-WEBAPP Wordpress Nexos theme cross site scripting attempt
* 1:55836 <-> SERVER-WEBAPP Wordpress Nexos theme SQL injection attempt
* 1:55837 <-> SERVER-WEBAPP Wordpress Nexos theme SQL injection attempt
* 1:55838 <-> SERVER-WEBAPP Wordpress Nexos theme SQL injection attempt
* 1:55839 <-> SERVER-WEBAPP Multiple products DVR admin password leak attempt
* 1:55918 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:55919 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:55920 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:55921 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:55981 <-> SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 command injection attempt
* 1:56005 <-> SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 SQL injection attempt
* 1:56006 <-> SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 SQL injection attempt
* 1:56007 <-> SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 SQL injection attempt
* 1:56082 <-> SERVER-WEBAPP Wordpress WP Database Backup plug-in command injection attempt
* 1:56083 <-> SERVER-WEBAPP Wordpress WP Database Backup plug-in command injection attempt
* 1:56135 <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt
* 1:56136 <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt
* 1:56138 <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt
* 1:56154 <-> SERVER-WEBAPP MobileIron Core & Connector remote code execution attempt
* 1:56155 <-> SERVER-WEBAPP MobileIron Core & Connector remote code execution attempt
* 1:56162 <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt
* 1:56200 <-> SERVER-WEBAPP Oracle WebLogic Server command injection attempt
* 1:56201 <-> SERVER-WEBAPP Oracle WebLogic Server command injection attempt
* 1:56202 <-> SERVER-WEBAPP Oracle WebLogic Server command injection attempt
* 1:56203 <-> SERVER-WEBAPP Oracle WebLogic Server command injection attempt
* 1:56304 <-> SERVER-WEBAPP Microsoft SharePoint remote code execution attempt
* 1:56305 <-> SERVER-WEBAPP Microsoft SharePoint remote code execution attempt
* 1:56404 <-> SERVER-WEBAPP Cisco Security Manager XmpFileUploadServlet arbitrary JSP file upload attempt
* 1:56405 <-> SERVER-WEBAPP Cisco Security Manager XmpFileUploadServlet directory traversal attempt
* 1:56414 <-> SERVER-WEBAPP Cisco Security Manager XmpFileDownloadServlet directory traversal attempt
* 1:56415 <-> SERVER-WEBAPP Cisco Security Manager XmpFileDownloadServlet directory traversal attempt
* 1:56416 <-> SERVER-WEBAPP Cisco Security Manager XmpFileDownloadServlet directory traversal attempt
* 1:56417 <-> SERVER-WEBAPP Cisco Security Manager SampleFileDownloadServlet directory traversal attempt
* 1:56418 <-> SERVER-WEBAPP Cisco Security Manager SampleFileDownloadServlet directory traversal attempt
* 1:56419 <-> SERVER-WEBAPP Cisco Security Manager SampleFileDownloadServlet directory traversal attempt
* 1:56420 <-> SERVER-WEBAPP Cisco Security Manager resultsFrame directory traversal attempt
* 1:56421 <-> SERVER-WEBAPP Cisco Security Manager resultsFrame directory traversal attempt
* 1:56422 <-> SERVER-WEBAPP Cisco Security Manager resultsFrame directory traversal attempt
* 1:56423 <-> SERVER-WEBAPP Cisco Security Manager xdmProxy directory traversal attempt
* 1:56432 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:56433 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:56434 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:56435 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:56497 <-> SERVER-WEBAPP Multiple Products Java Faces ViewState deserialization remote code execution attempt
* 1:56519 <-> SERVER-WEBAPP WordPress plugin Autoptimize arbitrary PHP file upload attempt
* 1:56520 <-> SERVER-WEBAPP QNAP QTS and Photo Station directory traversal attempt
* 1:56521 <-> SERVER-WEBAPP QNAP QTS and Photo Station directory traversal attempt
* 1:56522 <-> SERVER-WEBAPP QNAP QTS and Photo Station directory traversal attempt
* 1:56523 <-> SERVER-WEBAPP Joomla Core Featured Article SQL injection attempt
* 1:56524 <-> SERVER-WEBAPP Joomla Core Featured Article SQL injection attempt
* 1:56525 <-> SERVER-WEBAPP Joomla Core Featured Article SQL injection attempt
* 1:56532 <-> SERVER-WEBAPP Advantech WebAccess NMS directory traversal attempt
* 1:56533 <-> SERVER-WEBAPP Advantech WebAccess NMS directory traversal attempt
* 1:56534 <-> SERVER-WEBAPP Advantech WebAccess NMS directory traversal attempt
* 1:56545 <-> SERVER-WEBAPP rConfig commands.inc.php SQL injection attempt
* 1:56550 <-> SERVER-WEBAPP Ruckus IoT Controller Web UI authentication bypass attempt
* 1:56551 <-> SERVER-WEBAPP  Ruckus IoT Controller Web UI OS username command injection attempt
* 1:56557 <-> SERVER-WEBAPP Microsoft Dynamics365 Finance and Operations remote code execution attempt
* 1:56558 <-> SERVER-WEBAPP Microsoft Dynamics365 Finance and Operations remote code execution attempt
* 1:56586 <-> SERVER-WEBAPP Zoho ManageEngine ServiceDesk Plus arbitrary JSP file upload attempt
* 1:56604 <-> SERVER-WEBAPP Microsoft Dynamics NAV remote code execution attempt
* 1:56624 <-> SERVER-WEBAPP rConfig command injection attempt
* 1:56625 <-> SERVER-WEBAPP rConfig command injection attempt
* 1:56626 <-> SERVER-WEBAPP rConfig command injection attempt
* 1:56627 <-> SERVER-WEBAPP rConfig command injection attempt
* 1:56799 <-> SERVER-WEBAPP Liferay arbitrary Java object deserialization attempt
* 1:56800 <-> SERVER-WEBAPP Liferay arbitrary Java object deserialization attempt
* 1:56823 <-> SERVER-WEBAPP Citrix CakePHP command injection attempt
* 1:56824 <-> SERVER-WEBAPP Citrix CakePHP command injection attempt
* 1:56826 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56827 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56828 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56829 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56830 <-> SERVER-WEBAPP WordPress Adning Advertising plugin arbitrary PHP file upload attempt
* 1:56831 <-> SERVER-WEBAPP WordPress Adning Advertising plugin arbitrary PHP file upload attempt
* 1:56877 <-> SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt
* 1:56878 <-> SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt
* 1:56879 <-> SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt
* 1:56880 <-> SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt
* 1:56916 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56917 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56934 <-> SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt
* 1:56935 <-> SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt
* 1:56936 <-> SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt
* 1:56937 <-> SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt
* 1:56990 <-> SERVER-WEBAPP Apache Unomi OGNL MVEL2 remote command execution attempt
* 1:57002 <-> SERVER-WEBAPP Belkin Wemo UPnP cross site scripting attempt
* 1:57048 <-> SERVER-WEBAPP SaltStack Salt API SSH Client command injection attempt
* 1:57049 <-> SERVER-WEBAPP SaltStack Salt API SSH Client command injection attempt
* 1:57072 <-> SERVER-WEBAPP Cisco RV Series Routers directory traversal attempt
* 1:57074 <-> SERVER-WEBAPP Cisco RV Series Routers directory traversal attempt
* 1:57075 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57076 <-> SERVER-WEBAPP Cisco RV Series Routers command injection attempt
* 1:57078 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57079 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57080 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57081 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57082 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57084 <-> SERVER-WEBAPP Cisco RV series routers command injection attempt
* 1:57085 <-> SERVER-WEBAPP Cisco RV series routers command injection attempt
* 1:57086 <-> SERVER-WEBAPP Cisco RV Series routers command injection attempt
* 1:57088 <-> SERVER-WEBAPP Cisco Small Business RV Series routers command injection attempt
* 1:57089 <-> SERVER-WEBAPP Cisco Small Business RV Series routers command injection attempt
* 1:57095 <-> SERVER-WEBAPP Cisco RV Series routers command injection attempt
* 1:57096 <-> SERVER-WEBAPP Cisco RV Series routers command injection attempt
* 1:57098 <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt
* 1:57099 <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt
* 1:57100 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57101 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57102 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57105 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57109 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57110 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57113 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57114 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57126 <-> SERVER-WEBAPP Monstra CMS cross-site scripting attempt
* 1:57127 <-> SERVER-WEBAPP Monstra CMS cross-site scripting attempt
* 1:57158 <-> SERVER-WEBAPP Oracle WebLogic consolejndi remote code execution attempt
* 1:57159 <-> SERVER-WEBAPP Oracle WebLogic consolejndi remote code execution attempt
* 1:57176 <-> SERVER-WEBAPP MikroTik RouterOS buffer overflow attempt
* 1:57177 <-> SERVER-WEBAPP MikroTik RouterOS buffer overflow attempt
* 1:57178 <-> SERVER-WEBAPP Monstra CMS registration form cross site scripting attempt
* 1:57179 <-> SERVER-WEBAPP Monstra CMS registration form cross site scripting attempt
* 1:57182 <-> SERVER-WEBAPP VMware administrative configurator component command injection attempt
* 1:57183 <-> SERVER-WEBAPP VMware administrative configurator component command injection attempt
* 1:57184 <-> SERVER-WEBAPP VMware administrative configurator component command injection attempt
* 1:57185 <-> SERVER-WEBAPP VMware administrative configurator component command injection attempt
* 1:57188 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center arbitrary Java object deserialization attempt
* 1:57224 <-> SERVER-WEBAPP Trend Micro Control Manager directory traversal attempt
* 1:57225 <-> SERVER-WEBAPP Trend Micro Control Manager directory traversal attempt
* 1:57226 <-> SERVER-WEBAPP Trend Micro Control Manager directory traversal attempt
* 1:57229 <-> SERVER-WEBAPP VMware vSphere Client vROPs plugin remote code execution attempt
* 1:57241 <-> SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt
* 1:57242 <-> SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt
* 1:57243 <-> SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt
* 1:57244 <-> SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt
* 1:57245 <-> SERVER-WEBAPP Microsoft Exchange Server arbitrary file write attempt
* 1:57246 <-> SERVER-WEBAPP Microsoft Exchange Server arbitrary file write attempt
* 1:57275 <-> SERVER-WEBAPP ysoserial TypeConfuseDelegate deserialization exploit attempt
* 1:57276 <-> SERVER-WEBAPP Microsoft SharePoint potential deserialization attempt
* 1:57283 <-> SERVER-WEBAPP Liferay arbitrary Java object deserialization attempt
* 1:57298 <-> SERVER-WEBAPP F5 iControl REST interface command injection attempt
* 1:57324 <-> SERVER-WEBAPP Netis WF2419 router command injection attempt
* 1:57325 <-> SERVER-WEBAPP Netis WF2419 router command injection attempt
* 1:57326 <-> SERVER-WEBAPP Netis WF2419 router command injection attempt
* 1:57327 <-> SERVER-WEBAPP Netis WF2419 router command injection attempt
* 1:57328 <-> SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt
* 1:57329 <-> SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt
* 1:57330 <-> SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt
* 1:57331 <-> SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt
* 1:57332 <-> SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt
* 1:57333 <-> SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt
* 1:57334 <-> SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt
* 1:57335 <-> SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt
* 1:57337 <-> SERVER-WEBAPP F5 iControl REST interface ssrf attempt
* 1:57389 <-> SERVER-WEBAPP Advantech iView DeviceTreeTable directory traversal attempt
* 1:57390 <-> SERVER-WEBAPP Advantech iView DeviceTreeTable directory traversal attempt
* 1:57391 <-> SERVER-WEBAPP Advantech iView DeviceTreeTable directory traversal attempt
* 1:57406 <-> SERVER-WEBAPP Palo Alto Networks management interface command injection attempt
* 1:57407 <-> SERVER-WEBAPP Palo Alto Networks management interface command injection attempt
* 1:57408 <-> SERVER-WEBAPP Palo Alto Networks management interface command injection attempt
* 1:57409 <-> SERVER-WEBAPP Palo Alto Networks management interface command injection attempt
* 1:57412 <-> SERVER-WEBAPP Nagios XI do_update_user SQL injection attempt
* 1:57413 <-> SERVER-WEBAPP Nagios XI do_update_user SQL injection attempt
* 1:57426 <-> SERVER-WEBAPP Zend and laminas-http frameworks streamName PHP object injection attempt
* 1:57434 <-> SERVER-WEBAPP VMware vRealize Operations Manager directory traversal attempt
* 1:57435 <-> SERVER-WEBAPP VMware vRealize Operations Manager SSRF attempt
* 1:57436 <-> SERVER-WEBAPP VMware View Planner logupload directory traversal attempt
* 1:57437 <-> SERVER-WEBAPP VMware View Planner logupload directory traversal attempt
* 1:57438 <-> SERVER-WEBAPP VMware View Planner logupload arbitrary file upload attempt
* 1:57439 <-> SERVER-WEBAPP VMware View Planner logupload arbitrary file upload attempt
* 1:57442 <-> SERVER-WEBAPP Terramaster TOS command injection attempt
* 1:57443 <-> SERVER-WEBAPP Terramaster TOS command injection attempt
* 1:57444 <-> SERVER-WEBAPP Terramaster TOS command injection attempt
* 1:57445 <-> SERVER-WEBAPP Terramaster TOS command injection attempt
* 1:57449 <-> SERVER-WEBAPP F5 TMM crafted IPv6 URI buffer overflow attempt
* 1:57453 <-> SERVER-WEBAPP Pulse Connect Secure remote code execution attempt
* 1:57481 <-> SERVER-WEBAPP ManageEngine OpManager directory traversal attempt
* 1:57482 <-> SERVER-WEBAPP ManageEngine OpManager directory traversal attempt
* 1:57483 <-> SERVER-WEBAPP ManageEngine OpManager directory traversal attempt
* 1:57487 <-> SERVER-WEBAPP Microsoft Exchange MeetingHandler remote code execution attempt
* 1:57490 <-> SERVER-WEBAPP Klog Server authenticate.php user command injection attempt
* 1:57491 <-> SERVER-WEBAPP Klog Server authenticate.php user command injection attempt
* 1:57492 <-> SERVER-WEBAPP Klog Server authenticate.php user command injection attempt
* 1:57493 <-> SERVER-WEBAPP Klog Server authenticate.php user command injection attempt
* 1:57494 <-> SERVER-WEBAPP Micro Focus Operations Bridge Manager remote code execution attempt
* 1:57500 <-> SERVER-WEBAPP HPE Intelligent Management Center IccSelectDevTypeBean Expression Language Injection Java expression language injection attempt
* 1:57511 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57512 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57513 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57514 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57515 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57516 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57517 <-> SERVER-WEBAPP Serendipity index.php SQL injection attempt
* 1:57518 <-> SERVER-WEBAPP Serendipity index.php SQL injection attempt
* 1:57519 <-> SERVER-WEBAPP Serendipity index.php SQL injection attempt
* 1:57548 <-> SERVER-WEBAPP Microsoft SharePoint authenticated remote code execution attempt
* 1:57570 <-> SERVER-WEBAPP WordPRess DZS Video Gallery directory traversal attempt
* 1:57571 <-> SERVER-WEBAPP WordPRess DZS Video Gallery directory traversal attempt
* 1:57572 <-> SERVER-WEBAPP WordPRess DZS Video Gallery directory traversal attempt
* 1:57573 <-> SERVER-WEBAPP WordPress DZS Video Gallery remote file include attempt
* 1:57574 <-> SERVER-WEBAPP WordPress DZS Video Gallery remote file include attempt
* 1:57720 <-> SERVER-WEBAPP VMWare vSphere Client remote code execution attempt
* 1:57761 <-> SERVER-WEBAPP TP-Link WiFi router authenticated PingIframeRpm stack buffer overflow attempt
* 1:57762 <-> SERVER-WEBAPP TP-Link WiFi router authenticated WanStaticIpV6CfgRpm stack buffer overflow attempt
* 1:57809 <-> SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt
* 1:57810 <-> SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt
* 1:57811 <-> SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt
* 1:57812 <-> SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt
* 1:57834 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center remote code execution attempt
* 1:57841 <-> SERVER-WEBAPP Nagios Fusion command injection attempt
* 1:57856 <-> SERVER-WEBAPP Cisco ASA cross site scripting attempt
* 1:57857 <-> SERVER-WEBAPP Cisco ASA cross site scripting attempt
* 1:57860 <-> SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt
* 1:57861 <-> SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt
* 1:57862 <-> SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt
* 1:57863 <-> SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt
* 1:57872 <-> SERVER-WEBAPP Facade Ignition remote code execution attempt
* 1:57902 <-> SERVER-WEBAPP HPE Systems Insight Manager remote code execution attempt
* 1:57906 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:57907 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:57908 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:57909 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:57910 <-> SERVER-WEBAPP Microsoft SharePoint Server authenticated remote code execution attempt
* 1:57911 <-> SERVER-WEBAPP Nagios XI monitoringplugins.php command injection attempt
* 1:57912 <-> SERVER-WEBAPP ForgeRock Open Access Manager remote code execution attempt
* 1:57913 <-> SERVER-WEBAPP ForgeRock Open Access Manager remote code execution attempt
* 1:57954 <-> SERVER-WEBAPP Velocloud VMware SD-WAN Orchestrator SQL injection attempt
* 1:57983 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:58018 <-> SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt
* 1:58019 <-> SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt
* 1:58020 <-> SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt
* 1:58021 <-> SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt
* 1:58026 <-> SERVER-WEBAPP Zoho ManageEngine OpManager OPMDeviceDetailsServlet SQL injection attempt
* 1:58027 <-> SERVER-WEBAPP Zoho ManageEngine OpManager OPMDeviceDetailsServlet SQL injection attempt
* 1:58028 <-> SERVER-WEBAPP Zoho ManageEngine OpManager OPMDeviceDetailsServlet SQL injection attempt
* 1:58042 <-> SERVER-WEBAPP Serv-U FTP Server stored cross site scripting attempt
* 1:58043 <-> SERVER-WEBAPP Serv-U FTP Server stored cross site scripting attempt
* 1:58052 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58053 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58054 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58055 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58056 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58057 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58058 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58059 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58063 <-> SERVER-WEBAPP Kentico CMS unsafe deserialization remote code execution attempt
* 1:58064 <-> SERVER-WEBAPP Kentico CMS unsafe deserialization remote code execution attempt
* 1:58067 <-> SERVER-WEBAPP Apache Flink FileUploadHandler directory traversal attempt
* 1:58068 <-> SERVER-WEBAPP Apache Flink FileUploadHandler directory traversal attempt
* 1:58069 <-> SERVER-WEBAPP Apache Flink FileUploadHandler directory traversal attempt
* 1:58093 <-> SERVER-WEBAPP Atlassian Confluence OGNL injection remote code execution attempt
* 1:58094 <-> SERVER-WEBAPP Atlassian Confluence OGNL injection remote code execution attempt
* 1:58111 <-> SERVER-WEBAPP Microsoft SharePoint remote code execution attempt
* 1:58112 <-> SERVER-WEBAPP Microsoft SharePoint remote code execution attempt
* 1:58113 <-> SERVER-WEBAPP Microsoft SharePoint machinekey information disclosure attempt
* 1:58169 <-> SERVER-WEBAPP Microsoft Windows Open Management Infrastructure remote code execution attempt
* 1:58170 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt
* 1:58171 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt
* 1:58172 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt
* 1:58173 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt
* 1:58201 <-> SERVER-WEBAPP Zoho ManageEngine ADSelfService Plus RestAPI authentication bypass attempt
* 1:58217 <-> SERVER-WEBAPP VMware vCenter Server remote code execution attempt
* 1:58218 <-> SERVER-WEBAPP VMware vCenter Server file upload attempt
* 1:58219 <-> SERVER-WEBAPP VMware vCenter Server file upload attempt
* 1:58224 <-> SERVER-WEBAPP SonicWall SMA100 SQL injection attempt
* 1:58225 <-> SERVER-WEBAPP SonicWall SMA100 SQL injection attempt
* 1:58226 <-> SERVER-WEBAPP SonicWall SMA100 SQL injection attempt
* 1:58227 <-> SERVER-WEBAPP Dell EMC Virtual Appliance Manager undocumented credential use attempt
* 1:58230 <-> SERVER-WEBAPP QNAP NAS Malware Remover directory traversal attempt
* 1:58231 <-> SERVER-WEBAPP QNAP NAS Malware Remover directory traversal attempt
* 1:58232 <-> SERVER-WEBAPP QNAP NAS Malware Remover directory traversal attempt
* 1:58242 <-> SERVER-WEBAPP Sophos XG Firewall SQL injection attempt
* 1:58245 <-> SERVER-WEBAPP UDP Technology IP Camera command injection attempt
* 1:58246 <-> SERVER-WEBAPP UDP Technology IP Camera command injection attempt
* 1:58247 <-> SERVER-WEBAPP UDP Technology IP Camera command injection attempt
* 1:58248 <-> SERVER-WEBAPP UDP Technology IP Camera command injection attempt
* 1:58249 <-> SERVER-WEBAPP Microsoft Exchange server security feature bypass attempt
* 1:58260 <-> SERVER-WEBAPP AlienVault Unified Security Management SQL injection attempt
* 1:58261 <-> SERVER-WEBAPP AlienVault Unified Security Management SQL injection attempt
* 1:58262 <-> SERVER-WEBAPP AlienVault Unified Security Management SQL injection attempt
* 1:58263 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58264 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58265 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58266 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58267 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58268 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58269 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:58270 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:58271 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:58272 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:58273 <-> SERVER-WEBAPP QNAP HBS 3 authorization bypass attempt
* 1:58274 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center faultDevParasSet expression language injection attempt
* 1:58275 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center faultDevParasSet expression language injection attempt
* 1:58282 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center perfAddFormServer Java expression language injection attempt
* 1:58283 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center perfSelItemServer Java expression language injection attempt
* 1:58284 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center FileUploadServlet Unrestricted arbitrary JSP file upload attempt
* 1:58285 <-> SERVER-WEBAPP Trend Micro Control Manager ProductTree_RightWindow XML external entity injection attempt
* 1:58290 <-> SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt
* 1:58291 <-> SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt
* 1:58292 <-> SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt
* 1:58293 <-> SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt
* 1:58315 <-> SERVER-WEBAPP Microsoft SharePoint Server remote code execution attempt
* 1:58316 <-> SERVER-WEBAPP Microsoft SharePoint Server remote code execution attempt
* 1:58318 <-> SERVER-WEBAPP Microsoft SharePoint Server remote code execution attempt
* 1:58320 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formChangePass username SQL injection attempt
* 1:58321 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formChangePass username SQL injection attempt
* 1:58322 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formChangePass username SQL injection attempt
* 1:58323 <-> SERVER-WEBAPP Advantech WebAccess Node Quality ItemGroupIdAry SQL injection attempt
* 1:58324 <-> SERVER-WEBAPP Advantech WebAccess Node Quality ItemGroupIdAry SQL injection attempt
* 1:58325 <-> SERVER-WEBAPP Advantech WebAccess Node Quality ItemGroupIdAry SQL injection attempt
* 1:58326 <-> SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt
* 1:58327 <-> SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt
* 1:58328 <-> SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt
* 1:58329 <-> SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt
* 1:58330 <-> SERVER-WEBAPP Advantech WebAccess Node controlNode bnid SQL injection attempt
* 1:58331 <-> SERVER-WEBAPP Advantech WebAccess Node controlNode bnid SQL injection attempt
* 1:58332 <-> SERVER-WEBAPP Advantech WebAccess Node controlNode bnid SQL injection attempt
* 1:58333 <-> SERVER-WEBAPP Trend Micro Control Manager DeploymentPlan_Event_Handler XML external entity injection attempt
* 1:58337 <-> SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt
* 1:58338 <-> SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt
* 1:58339 <-> SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt
* 1:58340 <-> SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt
* 1:58341 <-> SERVER-WEBAPP PHPMyAdmin SearchController SQL injection attempt
* 1:58342 <-> SERVER-WEBAPP PHPMyAdmin SearchController SQL injection attempt
* 1:58343 <-> SERVER-WEBAPP PHPMyAdmin SearchController SQL injection attempt
* 1:58352 <-> SERVER-WEBAPP GE MDS PulseNET IntegrationXMLProcessorServlet UpdateProblemTickets XML external entity injection attempt
* 1:58353 <-> SERVER-WEBAPP Advantech WebAccess Node Quality_Reg ItemIdAry SQL injection attempt
* 1:58355 <-> SERVER-WEBAPP GE MDS PulseNET HealthCheck arbitrary Java object deserialization attempt
* 1:58362 <-> SERVER-WEBAPP Advantech WebAccess Node BWSCADASoap ProjectName SQL injection attempt
* 1:58375 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center iccSelectCommand expression language injection attempt
* 1:58376 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center iccSelectCommand expression language injection attempt
* 1:58377 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center eventInfo_content expression language injection attempt
* 1:58378 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center eventInfo_content expression language injection attempt
* 1:58379 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center devSoftSel Java expression language injection attempt
* 1:58380 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center devSoftSel Java expression language injection attempt
* 1:58381 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formConfiguration saveValue SQL injection attempt
* 1:58382 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formConfiguration saveValue SQL injection attempt
* 1:58383 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formConfiguration saveValue SQL injection attempt
* 1:58384 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center operationSelect Java expression language injection attempt
* 1:58385 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center operationSelect Java expression language injection attempt
* 1:58388 <-> SERVER-WEBAPP ARRIS VAP2500 config_wds command injection attempt
* 1:58396 <-> SERVER-WEBAPP Nagios XI PHP file injection attempt
* 1:58397 <-> SERVER-WEBAPP Nagios XI PHP file injection attempt
* 1:58398 <-> SERVER-WEBAPP Nagios XI PHP file injection attempt
* 1:58399 <-> SERVER-WEBAPP Nagios XI directory traversal attempt
* 1:58400 <-> SERVER-WEBAPP Nagios XI directory traversal attempt
* 1:58401 <-> SERVER-WEBAPP Nagios XI directory traversal attempt
* 1:58403 <-> SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt
* 1:58404 <-> SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt
* 1:58405 <-> SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt
* 1:58406 <-> SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt
* 1:58407 <-> SERVER-WEBAPP Nagios XI bulk modification tool SQL injection attempt
* 1:58408 <-> SERVER-WEBAPP Nagios XI bulk modification tool SQL injection attempt
* 1:58409 <-> SERVER-WEBAPP Nagios XI bulk modification tool SQL injection attempt
* 1:58410 <-> SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt
* 1:58411 <-> SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt
* 1:58412 <-> SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt
* 1:58413 <-> SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt
* 1:58418 <-> SERVER-WEBAPP ReadyDesk 9.1 OpenAttach2 directory traversal attempt
* 1:58419 <-> SERVER-WEBAPP ReadyDesk 9.1 OpenAttach2 directory traversal attempt
* 1:58420 <-> SERVER-WEBAPP ReadyDesk 9.1 OpenAttach2 directory traversal attempt
* 1:58421 <-> SERVER-WEBAPP BillQuick Web Suite SQL injection attempt
* 1:58422 <-> SERVER-WEBAPP BillQuick Web Suite SQL injection attempt
* 1:58423 <-> SERVER-WEBAPP BillQuick Web Suite SQL injection attempt
* 1:58424 <-> SERVER-WEBAPP Schneider Electric Umotion Builder Virtual Appliance Css directory traversal attempt
* 1:58425 <-> SERVER-WEBAPP Schneider Electric Umotion Builder Virtual Appliance Css directory traversal attempt
* 1:58426 <-> SERVER-WEBAPP Schneider Electric Umotion Builder Virtual Appliance Css directory traversal attempt
* 1:58427 <-> SERVER-WEBAPP Trend Micro Control Manager widget_old_SP1 dlp_policy directory traversal attempt
* 1:58428 <-> SERVER-WEBAPP Trend Micro Control Manager Widget modDLPViolationCntdrildown.php directory traversal attempt
* 1:58454 <-> SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt
* 1:58455 <-> SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt
* 1:58456 <-> SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt
* 1:58457 <-> SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt
* 1:58464 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance File Deletion directory traversal attempt
* 1:58465 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance File Deletion directory traversal attempt
* 1:58466 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance File Deletion directory traversal attempt
* 1:58467 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance directory traversal attempt
* 1:58468 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance directory traversal attempt
* 1:58469 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance directory traversal attempt
* 1:58470 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector Virtual Appliance policy_setting arbitrary PHP file upload attempt
* 1:58471 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:58472 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:58473 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:58475 <-> SERVER-WEBAPP Oracle WebLogic Server DeploymentService directory traversal attempt
* 1:58476 <-> SERVER-WEBAPP Oracle WebLogic Server DeploymentService directory traversal attempt
* 1:58487 <-> SERVER-WEBAPP WordPress Snap Creek Duplicator and Duplicator Pro plugins directory traversal attempt
* 1:58499 <-> SERVER-WEBAPP Zyxel Unified Security Gateway undocumented administrator account login attempt
* 1:58500 <-> SERVER-WEBAPP Zyxel Unified Security Gateway undocumented administrator account login attempt
* 1:58502 <-> SERVER-WEBAPP SonicWall Email Security directory traversal attempt
* 1:58503 <-> SERVER-WEBAPP SonicWall Email Security directory traversal attempt
* 1:58504 <-> SERVER-WEBAPP SonicWall Email Security directory traversal attempt
* 1:58505 <-> SERVER-WEBAPP Tenda Router command injection attempt
* 1:58506 <-> SERVER-WEBAPP Tenda Router command injection attempt
* 1:58507 <-> SERVER-WEBAPP Tenda Router command injection attempt
* 1:58508 <-> SERVER-WEBAPP Tenda Router command injection attempt
* 1:58509 <-> SERVER-WEBAPP Accellion File Transfer Appliance SQL injection attempt
* 1:58510 <-> SERVER-WEBAPP EyesOfNetwork SQL injection attempt
* 1:58511 <-> SERVER-WEBAPP EyesOfNetwork SQL injection attempt
* 1:58512 <-> SERVER-WEBAPP EyesOfNetwork SQL injection attempt
* 1:58513 <-> SERVER-WEBAPP Advantech WebAccess updateTemplate SQL injection attempt
* 1:58514 <-> SERVER-WEBAPP EyesOfNetwork autodiscovery command injection attempt
* 1:58515 <-> SERVER-WEBAPP EyesOfNetwork autodiscovery command injection attempt
* 1:58517 <-> SERVER-WEBAPP GE MDS PulseNET IntegrationXMLProcessorServlet AlarmActions XML external entity injection attempt
* 1:58521 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center perfInsListServer Java expression language injection attempt
* 1:58522 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php command injection attempt
* 1:58523 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php command injection attempt
* 1:58525 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center directory traversal attempt
* 1:58529 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58530 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58531 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58532 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58533 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58538 <-> SERVER-WEBAPP Arcadyan routers path traversal attempt
* 1:58542 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet EmailMessageDetected SQL injection attempt
* 1:58543 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet EmailMessageDetected SQL injection attempt
* 1:58544 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet EmailMessageDetected SQL injection attempt
* 1:58546 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center TopoBroadcastServlet arbitrary Java object deserialization attempt
* 1:58555 <-> SERVER-WEBAPP Hikvision webLanguage command injection vulnerability
* 1:58562 <-> SERVER-WEBAPP Oracle WebLogic Server remote code execution attempt
* 1:58563 <-> SERVER-WEBAPP GE MDS PulseNET foglight service arbitrary Java object deserialization attempt
* 1:58567 <-> SERVER-WEBAPP Roundcube Webmail file disclosure attempt
* 1:58568 <-> SERVER-WEBAPP Roundcube Webmail file disclosure attempt
* 1:58569 <-> SERVER-WEBAPP Roundcube Webmail file disclosure attempt
* 1:58576 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt
* 1:58577 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt
* 1:58578 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt
* 1:58579 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt
* 1:58588 <-> SERVER-WEBAPP SolarWinds Network Configuration Manager remote file include attempt
* 1:58589 <-> SERVER-WEBAPP SolarWinds Network Configuration Manager remote file include attempt
* 1:58592 <-> SERVER-WEBAPP SaltStack pillar_roots directory traversal attempt
* 1:58593 <-> SERVER-WEBAPP SaltStack pillar_roots directory traversal attempt
* 1:58594 <-> SERVER-WEBAPP SaltStack pillar_roots directory traversal attempt
* 1:58595 <-> SERVER-WEBAPP OpenEMR backup.php command injection attempt
* 1:58596 <-> SERVER-WEBAPP OpenEMR backup.php command injection attempt
* 1:58605 <-> SERVER-WEBAPP Citrix StoreFront Server XML external entity injection attempt
* 1:58606 <-> SERVER-WEBAPP SAP NetWeaver AS JAVA CRM log injection attempt
* 1:58607 <-> SERVER-WEBAPP SAP NetWeaver AS JAVA CRM log injection attempt
* 1:58608 <-> SERVER-WEBAPP SAP NetWeaver AS JAVA CRM log injection attempt
* 1:66336 <-> SERVER-WEBAPP FlowiseAI Flowise arbitrary code execution attempt

31440

2026-04-23 13:35:22 UTC

Snort Subscriber Rules Update

Date: 2026-04-22-001

This is the complete list of rules modified and added in the Cisco Talos Certified rule pack for Snort version 3.1.44.0.

The format of the file is:

gid:sid <-> Message

New Rules:

* 1:66354 <-> SERVER-WEBAPP WordPress SEO Plugin SQL injection attempt
* 1:66355 <-> SERVER-WEBAPP WordPress SEO Plugin SQL injection attempt
* 1:66356 <-> SERVER-WEBAPP WordPress SEO Plugin SQL injection attempt
* 1:66357 <-> SERVER-WEBAPP WordPress My Calendar Plugin SQL injection attempt
* 1:66358 <-> SERVER-WEBAPP WordPress My Calendar Plugin SQL injection attempt
* 1:66359 <-> SERVER-WEBAPP WordPress My Calendar Plugin SQL injection attempt
* 1:66360 <-> SERVER-WEBAPP WordPress WP Statistics Plugin SQL injection attempt
* 1:66361 <-> SERVER-WEBAPP WordPress WP Statistics Plugin SQL injection attempt
* 1:66362 <-> SERVER-WEBAPP WordPress WP Statistics Plugin SQL injection attempt
* 1:66363 <-> SERVER-WEBAPP WordPress Photo Gallery Plugin SQL injection attempt
* 1:66364 <-> SERVER-WEBAPP WordPress Photo Gallery Plugin SQL injection attempt
* 1:66365 <-> SERVER-WEBAPP WordPress Photo Gallery Plugin SQL injection attempt
* 1:66366 <-> SERVER-WEBAPP Arcserve UDP ASNative.dll denial of service attempt
* 1:66367 <-> SERVER-WEBAPP Kentico Xperience webshell upload attempt
* 1:66368 <-> SERVER-WEBAPP SonicWall GMS SQL injection attempt
* 1:66369 <-> SERVER-WEBAPP SonicWall GMS SQL injection attempt
* 1:66370 <-> SERVER-WEBAPP SonicWall GMS SQL injection attempt
* 1:66371 <-> SERVER-WEBAPP Netgear ProSAFE NMS300 SQL injection attempt
* 1:66372 <-> SERVER-WEBAPP Netgear ProSAFE NMS300 SQL injection attempt
* 1:66373 <-> SERVER-WEBAPP Netgear ProSAFE NMS300 SQL injection attempt
* 1:66374 <-> SERVER-WEBAPP Yawave WordPress Plugin SQL injection attempt
* 1:66375 <-> SERVER-WEBAPP Yawave WordPress Plugin SQL injection attempt
* 1:66376 <-> SERVER-WEBAPP Yawave WordPress Plugin SQL injection attempt
* 3:66377 <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2026-2379 attack attempt
* 3:66378 <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2026-2379 attack attempt
* 3:66379 <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2026-2379 attack attempt
* 3:66380 <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2026-2379 attack attempt

Modified Rules:

* 1:53688 <-> SERVER-WEBAPP Adobe Experience Manager server side request forgery attempt
* 1:53733 <-> SERVER-WEBAPP IBM Data Risk Manager directory traversal attempt
* 1:53734 <-> SERVER-WEBAPP IBM Data Risk Manager nmap scan command execution attempt
* 1:53857 <-> SERVER-WEBAPP Grandstream UCM6202 series SQL injection attempt
* 1:53858 <-> SERVER-WEBAPP Grandstream UCM6202 series SQL injection attempt
* 1:53859 <-> SERVER-WEBAPP Grandstream UCM6202 series SQL injection attempt
* 1:53860 <-> SERVER-WEBAPP Centurylink router unauthenticated administrator account disable attempt
* 1:53967 <-> SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt
* 1:53968 <-> SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt
* 1:53969 <-> SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt
* 1:53970 <-> SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt
* 1:54003 <-> SERVER-WEBAPP Axway SecureTransport XML external entity injection attempt
* 1:54012 <-> SERVER-WEBAPP ASUS ASUSWRT appGet.cgi command injection attempt
* 1:54195 <-> SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt
* 1:54196 <-> SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt
* 1:54197 <-> SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt
* 1:54198 <-> SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt
* 1:54272 <-> SERVER-WEBAPP Centreon Monitoring tool command injection attempt
* 1:54273 <-> SERVER-WEBAPP Centreon Monitoring tool command injection attempt
* 1:54405 <-> SERVER-WEBAPP PHP php_strip_tags_ex function out-of-bounds read attempt
* 1:54462 <-> SERVER-WEBAPP F5 BIG-IP Traffic Management User Interface remote code execution attempt
* 1:54484 <-> SERVER-WEBAPP F5 BIG-IP Traffic Management User Interface remote code execution attempt
* 1:54511 <-> SERVER-WEBAPP Microsoft Windows .NET API XML unsafe deserialization attempt
* 1:54556 <-> SERVER-WEBAPP BSA Radar local file inclusion attempt
* 1:54558 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54559 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54565 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54566 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54567 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54569 <-> SERVER-WEBAPP Barangay Management System SQL injection attempt
* 1:54570 <-> SERVER-WEBAPP Barangay Management System SQL injection attempt
* 1:54596 <-> SERVER-WEBAPP WordPress bbPress plugin unauthenticated privilege escalation attempt
* 1:54597 <-> SERVER-WEBAPP WordPress bbPress plugin unauthenticated privilege escalation attempt
* 1:54602 <-> SERVER-WEBAPP Laravel Framework PendingCommand arbitrary command execution attempt
* 1:54603 <-> SERVER-WEBAPP Laravel Framework PendingCommand arbitrary command execution attempt
* 1:54617 <-> SERVER-WEBAPP GeoVision Door Access Control hidden url access attempt
* 1:54629 <-> SERVER-WEBAPP Microsoft Windows .NET API XML unsafe deserialization attempt
* 1:54649 <-> SERVER-WEBAPP Apache Kylin REST API migrate command injection attempt
* 1:54650 <-> SERVER-WEBAPP Apache Kylin REST API migrate command injection attempt
* 1:54670 <-> SERVER-WEBAPP Rockwell FactoryTalk View SE project list disclosure attempt
* 1:54671 <-> SERVER-WEBAPP Rockwell FactoryTalk View SE project information disclosure attempt
* 1:54672 <-> SERVER-WEBAPP Rockwell FactoryTalk View SE remote code execution attempt
* 1:54674 <-> SERVER-WEBAPP Rockwell FactoryTalk View SE remote project copy attempt
* 1:54684 <-> SERVER-WEBAPP Microsoft Windows .NET API XML unsafe deserialization attempt
* 1:54767 <-> SERVER-WEBAPP vBulletin template rendering arbitrary PHP code execution attempt
* 1:54768 <-> SERVER-WEBAPP vBulletin template rendering arbitrary PHP code execution attempt
* 1:54794 <-> SERVER-WEBAPP Zeroshell Linux Router command injection attempt
* 1:54795 <-> SERVER-WEBAPP Zeroshell Linux Router command injection attempt
* 1:54796 <-> SERVER-WEBAPP Zeroshell Linux Router command injection attempt
* 1:54797 <-> SERVER-WEBAPP Zeroshell Linux Router command injection attempt
* 1:54824 <-> SERVER-WEBAPP Intellian Aptus Web arbitrary command execution attempt
* 1:55778 <-> SERVER-WEBAPP Wordpress File Manager plugin elFinder remote code execution attempt
* 1:55797 <-> SERVER-WEBAPP Wordpress plugin WP Database Reset database reset attempt
* 1:55823 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:55824 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:55825 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:55826 <-> SERVER-WEBAPP Microsoft Exchange Server DlpUtils remote code execution attempt
* 1:55827 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet multiple functions SQL injection attempt
* 1:55828 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet multiple functions SQL injection attempt
* 1:55829 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet multiple functions SQL injection attempt
* 1:55834 <-> SERVER-WEBAPP Wordpress Nexos theme cross site scripting attempt
* 1:55835 <-> SERVER-WEBAPP Wordpress Nexos theme cross site scripting attempt
* 1:55836 <-> SERVER-WEBAPP Wordpress Nexos theme SQL injection attempt
* 1:55837 <-> SERVER-WEBAPP Wordpress Nexos theme SQL injection attempt
* 1:55838 <-> SERVER-WEBAPP Wordpress Nexos theme SQL injection attempt
* 1:55839 <-> SERVER-WEBAPP Multiple products DVR admin password leak attempt
* 1:55918 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:55919 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:55920 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:55921 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:55981 <-> SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 command injection attempt
* 1:56005 <-> SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 SQL injection attempt
* 1:56006 <-> SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 SQL injection attempt
* 1:56007 <-> SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 SQL injection attempt
* 1:56082 <-> SERVER-WEBAPP Wordpress WP Database Backup plug-in command injection attempt
* 1:56083 <-> SERVER-WEBAPP Wordpress WP Database Backup plug-in command injection attempt
* 1:56135 <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt
* 1:56136 <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt
* 1:56138 <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt
* 1:56154 <-> SERVER-WEBAPP MobileIron Core & Connector remote code execution attempt
* 1:56155 <-> SERVER-WEBAPP MobileIron Core & Connector remote code execution attempt
* 1:56162 <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt
* 1:56200 <-> SERVER-WEBAPP Oracle WebLogic Server command injection attempt
* 1:56201 <-> SERVER-WEBAPP Oracle WebLogic Server command injection attempt
* 1:56202 <-> SERVER-WEBAPP Oracle WebLogic Server command injection attempt
* 1:56203 <-> SERVER-WEBAPP Oracle WebLogic Server command injection attempt
* 1:56304 <-> SERVER-WEBAPP Microsoft SharePoint remote code execution attempt
* 1:56305 <-> SERVER-WEBAPP Microsoft SharePoint remote code execution attempt
* 1:56404 <-> SERVER-WEBAPP Cisco Security Manager XmpFileUploadServlet arbitrary JSP file upload attempt
* 1:56405 <-> SERVER-WEBAPP Cisco Security Manager XmpFileUploadServlet directory traversal attempt
* 1:56414 <-> SERVER-WEBAPP Cisco Security Manager XmpFileDownloadServlet directory traversal attempt
* 1:56415 <-> SERVER-WEBAPP Cisco Security Manager XmpFileDownloadServlet directory traversal attempt
* 1:56416 <-> SERVER-WEBAPP Cisco Security Manager XmpFileDownloadServlet directory traversal attempt
* 1:56417 <-> SERVER-WEBAPP Cisco Security Manager SampleFileDownloadServlet directory traversal attempt
* 1:56418 <-> SERVER-WEBAPP Cisco Security Manager SampleFileDownloadServlet directory traversal attempt
* 1:56419 <-> SERVER-WEBAPP Cisco Security Manager SampleFileDownloadServlet directory traversal attempt
* 1:56420 <-> SERVER-WEBAPP Cisco Security Manager resultsFrame directory traversal attempt
* 1:56421 <-> SERVER-WEBAPP Cisco Security Manager resultsFrame directory traversal attempt
* 1:56422 <-> SERVER-WEBAPP Cisco Security Manager resultsFrame directory traversal attempt
* 1:56423 <-> SERVER-WEBAPP Cisco Security Manager xdmProxy directory traversal attempt
* 1:56432 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:56433 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:56434 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:56435 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:56497 <-> SERVER-WEBAPP Multiple Products Java Faces ViewState deserialization remote code execution attempt
* 1:56519 <-> SERVER-WEBAPP WordPress plugin Autoptimize arbitrary PHP file upload attempt
* 1:56520 <-> SERVER-WEBAPP QNAP QTS and Photo Station directory traversal attempt
* 1:56521 <-> SERVER-WEBAPP QNAP QTS and Photo Station directory traversal attempt
* 1:56522 <-> SERVER-WEBAPP QNAP QTS and Photo Station directory traversal attempt
* 1:56523 <-> SERVER-WEBAPP Joomla Core Featured Article SQL injection attempt
* 1:56524 <-> SERVER-WEBAPP Joomla Core Featured Article SQL injection attempt
* 1:56525 <-> SERVER-WEBAPP Joomla Core Featured Article SQL injection attempt
* 1:56532 <-> SERVER-WEBAPP Advantech WebAccess NMS directory traversal attempt
* 1:56533 <-> SERVER-WEBAPP Advantech WebAccess NMS directory traversal attempt
* 1:56534 <-> SERVER-WEBAPP Advantech WebAccess NMS directory traversal attempt
* 1:56545 <-> SERVER-WEBAPP rConfig commands.inc.php SQL injection attempt
* 1:56550 <-> SERVER-WEBAPP Ruckus IoT Controller Web UI authentication bypass attempt
* 1:56551 <-> SERVER-WEBAPP  Ruckus IoT Controller Web UI OS username command injection attempt
* 1:56557 <-> SERVER-WEBAPP Microsoft Dynamics365 Finance and Operations remote code execution attempt
* 1:56558 <-> SERVER-WEBAPP Microsoft Dynamics365 Finance and Operations remote code execution attempt
* 1:56586 <-> SERVER-WEBAPP Zoho ManageEngine ServiceDesk Plus arbitrary JSP file upload attempt
* 1:56604 <-> SERVER-WEBAPP Microsoft Dynamics NAV remote code execution attempt
* 1:56624 <-> SERVER-WEBAPP rConfig command injection attempt
* 1:56625 <-> SERVER-WEBAPP rConfig command injection attempt
* 1:56626 <-> SERVER-WEBAPP rConfig command injection attempt
* 1:56627 <-> SERVER-WEBAPP rConfig command injection attempt
* 1:56799 <-> SERVER-WEBAPP Liferay arbitrary Java object deserialization attempt
* 1:56800 <-> SERVER-WEBAPP Liferay arbitrary Java object deserialization attempt
* 1:56823 <-> SERVER-WEBAPP Citrix CakePHP command injection attempt
* 1:56824 <-> SERVER-WEBAPP Citrix CakePHP command injection attempt
* 1:56826 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56827 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56828 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56829 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56830 <-> SERVER-WEBAPP WordPress Adning Advertising plugin arbitrary PHP file upload attempt
* 1:56831 <-> SERVER-WEBAPP WordPress Adning Advertising plugin arbitrary PHP file upload attempt
* 1:56877 <-> SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt
* 1:56878 <-> SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt
* 1:56879 <-> SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt
* 1:56880 <-> SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt
* 1:56916 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56917 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56934 <-> SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt
* 1:56935 <-> SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt
* 1:56936 <-> SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt
* 1:56937 <-> SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt
* 1:56990 <-> SERVER-WEBAPP Apache Unomi OGNL MVEL2 remote command execution attempt
* 1:57002 <-> SERVER-WEBAPP Belkin Wemo UPnP cross site scripting attempt
* 1:57048 <-> SERVER-WEBAPP SaltStack Salt API SSH Client command injection attempt
* 1:57049 <-> SERVER-WEBAPP SaltStack Salt API SSH Client command injection attempt
* 1:57072 <-> SERVER-WEBAPP Cisco RV Series Routers directory traversal attempt
* 1:57074 <-> SERVER-WEBAPP Cisco RV Series Routers directory traversal attempt
* 1:57075 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57076 <-> SERVER-WEBAPP Cisco RV Series Routers command injection attempt
* 1:57078 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57079 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57080 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57081 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57082 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57084 <-> SERVER-WEBAPP Cisco RV series routers command injection attempt
* 1:57085 <-> SERVER-WEBAPP Cisco RV series routers command injection attempt
* 1:57086 <-> SERVER-WEBAPP Cisco RV Series routers command injection attempt
* 1:57088 <-> SERVER-WEBAPP Cisco Small Business RV Series routers command injection attempt
* 1:57089 <-> SERVER-WEBAPP Cisco Small Business RV Series routers command injection attempt
* 1:57095 <-> SERVER-WEBAPP Cisco RV Series routers command injection attempt
* 1:57096 <-> SERVER-WEBAPP Cisco RV Series routers command injection attempt
* 1:57098 <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt
* 1:57099 <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt
* 1:57100 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57101 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57102 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57105 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57109 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57110 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57113 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57114 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57126 <-> SERVER-WEBAPP Monstra CMS cross-site scripting attempt
* 1:57127 <-> SERVER-WEBAPP Monstra CMS cross-site scripting attempt
* 1:57158 <-> SERVER-WEBAPP Oracle WebLogic consolejndi remote code execution attempt
* 1:57159 <-> SERVER-WEBAPP Oracle WebLogic consolejndi remote code execution attempt
* 1:57176 <-> SERVER-WEBAPP MikroTik RouterOS buffer overflow attempt
* 1:57177 <-> SERVER-WEBAPP MikroTik RouterOS buffer overflow attempt
* 1:57178 <-> SERVER-WEBAPP Monstra CMS registration form cross site scripting attempt
* 1:57179 <-> SERVER-WEBAPP Monstra CMS registration form cross site scripting attempt
* 1:57182 <-> SERVER-WEBAPP VMware administrative configurator component command injection attempt
* 1:57183 <-> SERVER-WEBAPP VMware administrative configurator component command injection attempt
* 1:57184 <-> SERVER-WEBAPP VMware administrative configurator component command injection attempt
* 1:57185 <-> SERVER-WEBAPP VMware administrative configurator component command injection attempt
* 1:57188 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center arbitrary Java object deserialization attempt
* 1:57224 <-> SERVER-WEBAPP Trend Micro Control Manager directory traversal attempt
* 1:57225 <-> SERVER-WEBAPP Trend Micro Control Manager directory traversal attempt
* 1:57226 <-> SERVER-WEBAPP Trend Micro Control Manager directory traversal attempt
* 1:57229 <-> SERVER-WEBAPP VMware vSphere Client vROPs plugin remote code execution attempt
* 1:57241 <-> SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt
* 1:57242 <-> SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt
* 1:57243 <-> SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt
* 1:57244 <-> SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt
* 1:57245 <-> SERVER-WEBAPP Microsoft Exchange Server arbitrary file write attempt
* 1:57246 <-> SERVER-WEBAPP Microsoft Exchange Server arbitrary file write attempt
* 1:57275 <-> SERVER-WEBAPP ysoserial TypeConfuseDelegate deserialization exploit attempt
* 1:57276 <-> SERVER-WEBAPP Microsoft SharePoint potential deserialization attempt
* 1:57283 <-> SERVER-WEBAPP Liferay arbitrary Java object deserialization attempt
* 1:57298 <-> SERVER-WEBAPP F5 iControl REST interface command injection attempt
* 1:57324 <-> SERVER-WEBAPP Netis WF2419 router command injection attempt
* 1:57325 <-> SERVER-WEBAPP Netis WF2419 router command injection attempt
* 1:57326 <-> SERVER-WEBAPP Netis WF2419 router command injection attempt
* 1:57327 <-> SERVER-WEBAPP Netis WF2419 router command injection attempt
* 1:57328 <-> SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt
* 1:57329 <-> SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt
* 1:57330 <-> SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt
* 1:57331 <-> SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt
* 1:57332 <-> SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt
* 1:57333 <-> SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt
* 1:57334 <-> SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt
* 1:57335 <-> SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt
* 1:57337 <-> SERVER-WEBAPP F5 iControl REST interface ssrf attempt
* 1:57389 <-> SERVER-WEBAPP Advantech iView DeviceTreeTable directory traversal attempt
* 1:57390 <-> SERVER-WEBAPP Advantech iView DeviceTreeTable directory traversal attempt
* 1:57391 <-> SERVER-WEBAPP Advantech iView DeviceTreeTable directory traversal attempt
* 1:57406 <-> SERVER-WEBAPP Palo Alto Networks management interface command injection attempt
* 1:57407 <-> SERVER-WEBAPP Palo Alto Networks management interface command injection attempt
* 1:57408 <-> SERVER-WEBAPP Palo Alto Networks management interface command injection attempt
* 1:57409 <-> SERVER-WEBAPP Palo Alto Networks management interface command injection attempt
* 1:57412 <-> SERVER-WEBAPP Nagios XI do_update_user SQL injection attempt
* 1:57413 <-> SERVER-WEBAPP Nagios XI do_update_user SQL injection attempt
* 1:57426 <-> SERVER-WEBAPP Zend and laminas-http frameworks streamName PHP object injection attempt
* 1:57434 <-> SERVER-WEBAPP VMware vRealize Operations Manager directory traversal attempt
* 1:57435 <-> SERVER-WEBAPP VMware vRealize Operations Manager SSRF attempt
* 1:57436 <-> SERVER-WEBAPP VMware View Planner logupload directory traversal attempt
* 1:57437 <-> SERVER-WEBAPP VMware View Planner logupload directory traversal attempt
* 1:57438 <-> SERVER-WEBAPP VMware View Planner logupload arbitrary file upload attempt
* 1:57439 <-> SERVER-WEBAPP VMware View Planner logupload arbitrary file upload attempt
* 1:57442 <-> SERVER-WEBAPP Terramaster TOS command injection attempt
* 1:57443 <-> SERVER-WEBAPP Terramaster TOS command injection attempt
* 1:57444 <-> SERVER-WEBAPP Terramaster TOS command injection attempt
* 1:57445 <-> SERVER-WEBAPP Terramaster TOS command injection attempt
* 1:57449 <-> SERVER-WEBAPP F5 TMM crafted IPv6 URI buffer overflow attempt
* 1:57453 <-> SERVER-WEBAPP Pulse Connect Secure remote code execution attempt
* 1:57481 <-> SERVER-WEBAPP ManageEngine OpManager directory traversal attempt
* 1:57482 <-> SERVER-WEBAPP ManageEngine OpManager directory traversal attempt
* 1:57483 <-> SERVER-WEBAPP ManageEngine OpManager directory traversal attempt
* 1:57487 <-> SERVER-WEBAPP Microsoft Exchange MeetingHandler remote code execution attempt
* 1:57490 <-> SERVER-WEBAPP Klog Server authenticate.php user command injection attempt
* 1:57491 <-> SERVER-WEBAPP Klog Server authenticate.php user command injection attempt
* 1:57492 <-> SERVER-WEBAPP Klog Server authenticate.php user command injection attempt
* 1:57493 <-> SERVER-WEBAPP Klog Server authenticate.php user command injection attempt
* 1:57494 <-> SERVER-WEBAPP Micro Focus Operations Bridge Manager remote code execution attempt
* 1:57500 <-> SERVER-WEBAPP HPE Intelligent Management Center IccSelectDevTypeBean Expression Language Injection Java expression language injection attempt
* 1:57511 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57512 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57513 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57514 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57515 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57516 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57517 <-> SERVER-WEBAPP Serendipity index.php SQL injection attempt
* 1:57518 <-> SERVER-WEBAPP Serendipity index.php SQL injection attempt
* 1:57519 <-> SERVER-WEBAPP Serendipity index.php SQL injection attempt
* 1:57548 <-> SERVER-WEBAPP Microsoft SharePoint authenticated remote code execution attempt
* 1:57570 <-> SERVER-WEBAPP WordPRess DZS Video Gallery directory traversal attempt
* 1:57571 <-> SERVER-WEBAPP WordPRess DZS Video Gallery directory traversal attempt
* 1:57572 <-> SERVER-WEBAPP WordPRess DZS Video Gallery directory traversal attempt
* 1:57573 <-> SERVER-WEBAPP WordPress DZS Video Gallery remote file include attempt
* 1:57574 <-> SERVER-WEBAPP WordPress DZS Video Gallery remote file include attempt
* 1:57720 <-> SERVER-WEBAPP VMWare vSphere Client remote code execution attempt
* 1:57761 <-> SERVER-WEBAPP TP-Link WiFi router authenticated PingIframeRpm stack buffer overflow attempt
* 1:57762 <-> SERVER-WEBAPP TP-Link WiFi router authenticated WanStaticIpV6CfgRpm stack buffer overflow attempt
* 1:57809 <-> SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt
* 1:57810 <-> SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt
* 1:57811 <-> SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt
* 1:57812 <-> SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt
* 1:57834 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center remote code execution attempt
* 1:57841 <-> SERVER-WEBAPP Nagios Fusion command injection attempt
* 1:57856 <-> SERVER-WEBAPP Cisco ASA cross site scripting attempt
* 1:57857 <-> SERVER-WEBAPP Cisco ASA cross site scripting attempt
* 1:57860 <-> SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt
* 1:57861 <-> SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt
* 1:57862 <-> SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt
* 1:57863 <-> SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt
* 1:57872 <-> SERVER-WEBAPP Facade Ignition remote code execution attempt
* 1:57902 <-> SERVER-WEBAPP HPE Systems Insight Manager remote code execution attempt
* 1:57906 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:57907 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:57908 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:57909 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:57910 <-> SERVER-WEBAPP Microsoft SharePoint Server authenticated remote code execution attempt
* 1:57911 <-> SERVER-WEBAPP Nagios XI monitoringplugins.php command injection attempt
* 1:57912 <-> SERVER-WEBAPP ForgeRock Open Access Manager remote code execution attempt
* 1:57913 <-> SERVER-WEBAPP ForgeRock Open Access Manager remote code execution attempt
* 1:57954 <-> SERVER-WEBAPP Velocloud VMware SD-WAN Orchestrator SQL injection attempt
* 1:57983 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:58018 <-> SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt
* 1:58019 <-> SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt
* 1:58020 <-> SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt
* 1:58021 <-> SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt
* 1:58026 <-> SERVER-WEBAPP Zoho ManageEngine OpManager OPMDeviceDetailsServlet SQL injection attempt
* 1:58027 <-> SERVER-WEBAPP Zoho ManageEngine OpManager OPMDeviceDetailsServlet SQL injection attempt
* 1:58028 <-> SERVER-WEBAPP Zoho ManageEngine OpManager OPMDeviceDetailsServlet SQL injection attempt
* 1:58042 <-> SERVER-WEBAPP Serv-U FTP Server stored cross site scripting attempt
* 1:58043 <-> SERVER-WEBAPP Serv-U FTP Server stored cross site scripting attempt
* 1:58052 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58053 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58054 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58055 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58056 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58057 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58058 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58059 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58063 <-> SERVER-WEBAPP Kentico CMS unsafe deserialization remote code execution attempt
* 1:58064 <-> SERVER-WEBAPP Kentico CMS unsafe deserialization remote code execution attempt
* 1:58067 <-> SERVER-WEBAPP Apache Flink FileUploadHandler directory traversal attempt
* 1:58068 <-> SERVER-WEBAPP Apache Flink FileUploadHandler directory traversal attempt
* 1:58069 <-> SERVER-WEBAPP Apache Flink FileUploadHandler directory traversal attempt
* 1:58093 <-> SERVER-WEBAPP Atlassian Confluence OGNL injection remote code execution attempt
* 1:58094 <-> SERVER-WEBAPP Atlassian Confluence OGNL injection remote code execution attempt
* 1:58111 <-> SERVER-WEBAPP Microsoft SharePoint remote code execution attempt
* 1:58112 <-> SERVER-WEBAPP Microsoft SharePoint remote code execution attempt
* 1:58113 <-> SERVER-WEBAPP Microsoft SharePoint machinekey information disclosure attempt
* 1:58169 <-> SERVER-WEBAPP Microsoft Windows Open Management Infrastructure remote code execution attempt
* 1:58170 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt
* 1:58171 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt
* 1:58172 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt
* 1:58173 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt
* 1:58201 <-> SERVER-WEBAPP Zoho ManageEngine ADSelfService Plus RestAPI authentication bypass attempt
* 1:58217 <-> SERVER-WEBAPP VMware vCenter Server remote code execution attempt
* 1:58218 <-> SERVER-WEBAPP VMware vCenter Server file upload attempt
* 1:58219 <-> SERVER-WEBAPP VMware vCenter Server file upload attempt
* 1:58224 <-> SERVER-WEBAPP SonicWall SMA100 SQL injection attempt
* 1:58225 <-> SERVER-WEBAPP SonicWall SMA100 SQL injection attempt
* 1:58226 <-> SERVER-WEBAPP SonicWall SMA100 SQL injection attempt
* 1:58227 <-> SERVER-WEBAPP Dell EMC Virtual Appliance Manager undocumented credential use attempt
* 1:58230 <-> SERVER-WEBAPP QNAP NAS Malware Remover directory traversal attempt
* 1:58231 <-> SERVER-WEBAPP QNAP NAS Malware Remover directory traversal attempt
* 1:58232 <-> SERVER-WEBAPP QNAP NAS Malware Remover directory traversal attempt
* 1:58242 <-> SERVER-WEBAPP Sophos XG Firewall SQL injection attempt
* 1:58245 <-> SERVER-WEBAPP UDP Technology IP Camera command injection attempt
* 1:58246 <-> SERVER-WEBAPP UDP Technology IP Camera command injection attempt
* 1:58247 <-> SERVER-WEBAPP UDP Technology IP Camera command injection attempt
* 1:58248 <-> SERVER-WEBAPP UDP Technology IP Camera command injection attempt
* 1:58249 <-> SERVER-WEBAPP Microsoft Exchange server security feature bypass attempt
* 1:58260 <-> SERVER-WEBAPP AlienVault Unified Security Management SQL injection attempt
* 1:58261 <-> SERVER-WEBAPP AlienVault Unified Security Management SQL injection attempt
* 1:58262 <-> SERVER-WEBAPP AlienVault Unified Security Management SQL injection attempt
* 1:58263 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58264 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58265 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58266 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58267 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58268 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58269 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:58270 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:58271 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:58272 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:58273 <-> SERVER-WEBAPP QNAP HBS 3 authorization bypass attempt
* 1:58274 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center faultDevParasSet expression language injection attempt
* 1:58275 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center faultDevParasSet expression language injection attempt
* 1:58282 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center perfAddFormServer Java expression language injection attempt
* 1:58283 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center perfSelItemServer Java expression language injection attempt
* 1:58284 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center FileUploadServlet Unrestricted arbitrary JSP file upload attempt
* 1:58285 <-> SERVER-WEBAPP Trend Micro Control Manager ProductTree_RightWindow XML external entity injection attempt
* 1:58290 <-> SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt
* 1:58291 <-> SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt
* 1:58292 <-> SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt
* 1:58293 <-> SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt
* 1:58315 <-> SERVER-WEBAPP Microsoft SharePoint Server remote code execution attempt
* 1:58316 <-> SERVER-WEBAPP Microsoft SharePoint Server remote code execution attempt
* 1:58318 <-> SERVER-WEBAPP Microsoft SharePoint Server remote code execution attempt
* 1:58320 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formChangePass username SQL injection attempt
* 1:58321 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formChangePass username SQL injection attempt
* 1:58322 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formChangePass username SQL injection attempt
* 1:58323 <-> SERVER-WEBAPP Advantech WebAccess Node Quality ItemGroupIdAry SQL injection attempt
* 1:58324 <-> SERVER-WEBAPP Advantech WebAccess Node Quality ItemGroupIdAry SQL injection attempt
* 1:58325 <-> SERVER-WEBAPP Advantech WebAccess Node Quality ItemGroupIdAry SQL injection attempt
* 1:58326 <-> SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt
* 1:58327 <-> SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt
* 1:58328 <-> SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt
* 1:58329 <-> SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt
* 1:58330 <-> SERVER-WEBAPP Advantech WebAccess Node controlNode bnid SQL injection attempt
* 1:58331 <-> SERVER-WEBAPP Advantech WebAccess Node controlNode bnid SQL injection attempt
* 1:58332 <-> SERVER-WEBAPP Advantech WebAccess Node controlNode bnid SQL injection attempt
* 1:58333 <-> SERVER-WEBAPP Trend Micro Control Manager DeploymentPlan_Event_Handler XML external entity injection attempt
* 1:58337 <-> SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt
* 1:58338 <-> SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt
* 1:58339 <-> SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt
* 1:58340 <-> SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt
* 1:58341 <-> SERVER-WEBAPP PHPMyAdmin SearchController SQL injection attempt
* 1:58342 <-> SERVER-WEBAPP PHPMyAdmin SearchController SQL injection attempt
* 1:58343 <-> SERVER-WEBAPP PHPMyAdmin SearchController SQL injection attempt
* 1:58352 <-> SERVER-WEBAPP GE MDS PulseNET IntegrationXMLProcessorServlet UpdateProblemTickets XML external entity injection attempt
* 1:58353 <-> SERVER-WEBAPP Advantech WebAccess Node Quality_Reg ItemIdAry SQL injection attempt
* 1:58355 <-> SERVER-WEBAPP GE MDS PulseNET HealthCheck arbitrary Java object deserialization attempt
* 1:58362 <-> SERVER-WEBAPP Advantech WebAccess Node BWSCADASoap ProjectName SQL injection attempt
* 1:58375 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center iccSelectCommand expression language injection attempt
* 1:58376 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center iccSelectCommand expression language injection attempt
* 1:58377 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center eventInfo_content expression language injection attempt
* 1:58378 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center eventInfo_content expression language injection attempt
* 1:58379 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center devSoftSel Java expression language injection attempt
* 1:58380 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center devSoftSel Java expression language injection attempt
* 1:58381 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formConfiguration saveValue SQL injection attempt
* 1:58382 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formConfiguration saveValue SQL injection attempt
* 1:58383 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formConfiguration saveValue SQL injection attempt
* 1:58384 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center operationSelect Java expression language injection attempt
* 1:58385 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center operationSelect Java expression language injection attempt
* 1:58388 <-> SERVER-WEBAPP ARRIS VAP2500 config_wds command injection attempt
* 1:58396 <-> SERVER-WEBAPP Nagios XI PHP file injection attempt
* 1:58397 <-> SERVER-WEBAPP Nagios XI PHP file injection attempt
* 1:58398 <-> SERVER-WEBAPP Nagios XI PHP file injection attempt
* 1:58399 <-> SERVER-WEBAPP Nagios XI directory traversal attempt
* 1:58400 <-> SERVER-WEBAPP Nagios XI directory traversal attempt
* 1:58401 <-> SERVER-WEBAPP Nagios XI directory traversal attempt
* 1:58403 <-> SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt
* 1:58404 <-> SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt
* 1:58405 <-> SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt
* 1:58406 <-> SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt
* 1:58407 <-> SERVER-WEBAPP Nagios XI bulk modification tool SQL injection attempt
* 1:58408 <-> SERVER-WEBAPP Nagios XI bulk modification tool SQL injection attempt
* 1:58409 <-> SERVER-WEBAPP Nagios XI bulk modification tool SQL injection attempt
* 1:58410 <-> SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt
* 1:58411 <-> SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt
* 1:58412 <-> SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt
* 1:58413 <-> SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt
* 1:58418 <-> SERVER-WEBAPP ReadyDesk 9.1 OpenAttach2 directory traversal attempt
* 1:58419 <-> SERVER-WEBAPP ReadyDesk 9.1 OpenAttach2 directory traversal attempt
* 1:58420 <-> SERVER-WEBAPP ReadyDesk 9.1 OpenAttach2 directory traversal attempt
* 1:58421 <-> SERVER-WEBAPP BillQuick Web Suite SQL injection attempt
* 1:58422 <-> SERVER-WEBAPP BillQuick Web Suite SQL injection attempt
* 1:58423 <-> SERVER-WEBAPP BillQuick Web Suite SQL injection attempt
* 1:58424 <-> SERVER-WEBAPP Schneider Electric Umotion Builder Virtual Appliance Css directory traversal attempt
* 1:58425 <-> SERVER-WEBAPP Schneider Electric Umotion Builder Virtual Appliance Css directory traversal attempt
* 1:58426 <-> SERVER-WEBAPP Schneider Electric Umotion Builder Virtual Appliance Css directory traversal attempt
* 1:58427 <-> SERVER-WEBAPP Trend Micro Control Manager widget_old_SP1 dlp_policy directory traversal attempt
* 1:58428 <-> SERVER-WEBAPP Trend Micro Control Manager Widget modDLPViolationCntdrildown.php directory traversal attempt
* 1:58454 <-> SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt
* 1:58455 <-> SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt
* 1:58456 <-> SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt
* 1:58457 <-> SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt
* 1:58464 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance File Deletion directory traversal attempt
* 1:58465 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance File Deletion directory traversal attempt
* 1:58466 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance File Deletion directory traversal attempt
* 1:58467 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance directory traversal attempt
* 1:58468 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance directory traversal attempt
* 1:58469 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance directory traversal attempt
* 1:58470 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector Virtual Appliance policy_setting arbitrary PHP file upload attempt
* 1:58471 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:58472 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:58473 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:58475 <-> SERVER-WEBAPP Oracle WebLogic Server DeploymentService directory traversal attempt
* 1:58476 <-> SERVER-WEBAPP Oracle WebLogic Server DeploymentService directory traversal attempt
* 1:58487 <-> SERVER-WEBAPP WordPress Snap Creek Duplicator and Duplicator Pro plugins directory traversal attempt
* 1:58499 <-> SERVER-WEBAPP Zyxel Unified Security Gateway undocumented administrator account login attempt
* 1:58500 <-> SERVER-WEBAPP Zyxel Unified Security Gateway undocumented administrator account login attempt
* 1:58502 <-> SERVER-WEBAPP SonicWall Email Security directory traversal attempt
* 1:58503 <-> SERVER-WEBAPP SonicWall Email Security directory traversal attempt
* 1:58504 <-> SERVER-WEBAPP SonicWall Email Security directory traversal attempt
* 1:58505 <-> SERVER-WEBAPP Tenda Router command injection attempt
* 1:58506 <-> SERVER-WEBAPP Tenda Router command injection attempt
* 1:58507 <-> SERVER-WEBAPP Tenda Router command injection attempt
* 1:58508 <-> SERVER-WEBAPP Tenda Router command injection attempt
* 1:58509 <-> SERVER-WEBAPP Accellion File Transfer Appliance SQL injection attempt
* 1:58510 <-> SERVER-WEBAPP EyesOfNetwork SQL injection attempt
* 1:58511 <-> SERVER-WEBAPP EyesOfNetwork SQL injection attempt
* 1:58512 <-> SERVER-WEBAPP EyesOfNetwork SQL injection attempt
* 1:58513 <-> SERVER-WEBAPP Advantech WebAccess updateTemplate SQL injection attempt
* 1:58514 <-> SERVER-WEBAPP EyesOfNetwork autodiscovery command injection attempt
* 1:58515 <-> SERVER-WEBAPP EyesOfNetwork autodiscovery command injection attempt
* 1:58517 <-> SERVER-WEBAPP GE MDS PulseNET IntegrationXMLProcessorServlet AlarmActions XML external entity injection attempt
* 1:58521 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center perfInsListServer Java expression language injection attempt
* 1:58522 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php command injection attempt
* 1:58523 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php command injection attempt
* 1:58525 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center directory traversal attempt
* 1:58529 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58530 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58531 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58532 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58533 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58538 <-> SERVER-WEBAPP Arcadyan routers path traversal attempt
* 1:58542 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet EmailMessageDetected SQL injection attempt
* 1:58543 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet EmailMessageDetected SQL injection attempt
* 1:58544 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet EmailMessageDetected SQL injection attempt
* 1:58546 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center TopoBroadcastServlet arbitrary Java object deserialization attempt
* 1:58555 <-> SERVER-WEBAPP Hikvision webLanguage command injection vulnerability
* 1:58562 <-> SERVER-WEBAPP Oracle WebLogic Server remote code execution attempt
* 1:58563 <-> SERVER-WEBAPP GE MDS PulseNET foglight service arbitrary Java object deserialization attempt
* 1:58567 <-> SERVER-WEBAPP Roundcube Webmail file disclosure attempt
* 1:58568 <-> SERVER-WEBAPP Roundcube Webmail file disclosure attempt
* 1:58569 <-> SERVER-WEBAPP Roundcube Webmail file disclosure attempt
* 1:58576 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt
* 1:58577 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt
* 1:58578 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt
* 1:58579 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt
* 1:58588 <-> SERVER-WEBAPP SolarWinds Network Configuration Manager remote file include attempt
* 1:58589 <-> SERVER-WEBAPP SolarWinds Network Configuration Manager remote file include attempt
* 1:58592 <-> SERVER-WEBAPP SaltStack pillar_roots directory traversal attempt
* 1:58593 <-> SERVER-WEBAPP SaltStack pillar_roots directory traversal attempt
* 1:58594 <-> SERVER-WEBAPP SaltStack pillar_roots directory traversal attempt
* 1:58595 <-> SERVER-WEBAPP OpenEMR backup.php command injection attempt
* 1:58596 <-> SERVER-WEBAPP OpenEMR backup.php command injection attempt
* 1:58605 <-> SERVER-WEBAPP Citrix StoreFront Server XML external entity injection attempt
* 1:58606 <-> SERVER-WEBAPP SAP NetWeaver AS JAVA CRM log injection attempt
* 1:58607 <-> SERVER-WEBAPP SAP NetWeaver AS JAVA CRM log injection attempt
* 1:58608 <-> SERVER-WEBAPP SAP NetWeaver AS JAVA CRM log injection attempt
* 1:66336 <-> SERVER-WEBAPP FlowiseAI Flowise arbitrary code execution attempt

31470

2026-04-23 13:35:22 UTC

Snort Subscriber Rules Update

Date: 2026-04-22-001

This is the complete list of rules modified and added in the Cisco Talos Certified rule pack for Snort version 3.1.47.0.

The format of the file is:

gid:sid <-> Message

New Rules:

* 1:66354 <-> SERVER-WEBAPP WordPress SEO Plugin SQL injection attempt
* 1:66355 <-> SERVER-WEBAPP WordPress SEO Plugin SQL injection attempt
* 1:66356 <-> SERVER-WEBAPP WordPress SEO Plugin SQL injection attempt
* 1:66357 <-> SERVER-WEBAPP WordPress My Calendar Plugin SQL injection attempt
* 1:66358 <-> SERVER-WEBAPP WordPress My Calendar Plugin SQL injection attempt
* 1:66359 <-> SERVER-WEBAPP WordPress My Calendar Plugin SQL injection attempt
* 1:66360 <-> SERVER-WEBAPP WordPress WP Statistics Plugin SQL injection attempt
* 1:66361 <-> SERVER-WEBAPP WordPress WP Statistics Plugin SQL injection attempt
* 1:66362 <-> SERVER-WEBAPP WordPress WP Statistics Plugin SQL injection attempt
* 1:66363 <-> SERVER-WEBAPP WordPress Photo Gallery Plugin SQL injection attempt
* 1:66364 <-> SERVER-WEBAPP WordPress Photo Gallery Plugin SQL injection attempt
* 1:66365 <-> SERVER-WEBAPP WordPress Photo Gallery Plugin SQL injection attempt
* 1:66366 <-> SERVER-WEBAPP Arcserve UDP ASNative.dll denial of service attempt
* 1:66367 <-> SERVER-WEBAPP Kentico Xperience webshell upload attempt
* 1:66368 <-> SERVER-WEBAPP SonicWall GMS SQL injection attempt
* 1:66369 <-> SERVER-WEBAPP SonicWall GMS SQL injection attempt
* 1:66370 <-> SERVER-WEBAPP SonicWall GMS SQL injection attempt
* 1:66371 <-> SERVER-WEBAPP Netgear ProSAFE NMS300 SQL injection attempt
* 1:66372 <-> SERVER-WEBAPP Netgear ProSAFE NMS300 SQL injection attempt
* 1:66373 <-> SERVER-WEBAPP Netgear ProSAFE NMS300 SQL injection attempt
* 1:66374 <-> SERVER-WEBAPP Yawave WordPress Plugin SQL injection attempt
* 1:66375 <-> SERVER-WEBAPP Yawave WordPress Plugin SQL injection attempt
* 1:66376 <-> SERVER-WEBAPP Yawave WordPress Plugin SQL injection attempt
* 3:66377 <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2026-2379 attack attempt
* 3:66378 <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2026-2379 attack attempt
* 3:66379 <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2026-2379 attack attempt
* 3:66380 <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2026-2379 attack attempt

Modified Rules:

* 1:53688 <-> SERVER-WEBAPP Adobe Experience Manager server side request forgery attempt
* 1:53733 <-> SERVER-WEBAPP IBM Data Risk Manager directory traversal attempt
* 1:53734 <-> SERVER-WEBAPP IBM Data Risk Manager nmap scan command execution attempt
* 1:53857 <-> SERVER-WEBAPP Grandstream UCM6202 series SQL injection attempt
* 1:53858 <-> SERVER-WEBAPP Grandstream UCM6202 series SQL injection attempt
* 1:53859 <-> SERVER-WEBAPP Grandstream UCM6202 series SQL injection attempt
* 1:53860 <-> SERVER-WEBAPP Centurylink router unauthenticated administrator account disable attempt
* 1:53967 <-> SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt
* 1:53968 <-> SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt
* 1:53969 <-> SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt
* 1:53970 <-> SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt
* 1:54003 <-> SERVER-WEBAPP Axway SecureTransport XML external entity injection attempt
* 1:54012 <-> SERVER-WEBAPP ASUS ASUSWRT appGet.cgi command injection attempt
* 1:54195 <-> SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt
* 1:54196 <-> SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt
* 1:54197 <-> SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt
* 1:54198 <-> SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt
* 1:54272 <-> SERVER-WEBAPP Centreon Monitoring tool command injection attempt
* 1:54273 <-> SERVER-WEBAPP Centreon Monitoring tool command injection attempt
* 1:54405 <-> SERVER-WEBAPP PHP php_strip_tags_ex function out-of-bounds read attempt
* 1:54462 <-> SERVER-WEBAPP F5 BIG-IP Traffic Management User Interface remote code execution attempt
* 1:54484 <-> SERVER-WEBAPP F5 BIG-IP Traffic Management User Interface remote code execution attempt
* 1:54511 <-> SERVER-WEBAPP Microsoft Windows .NET API XML unsafe deserialization attempt
* 1:54556 <-> SERVER-WEBAPP BSA Radar local file inclusion attempt
* 1:54558 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54559 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54565 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54566 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54567 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54569 <-> SERVER-WEBAPP Barangay Management System SQL injection attempt
* 1:54570 <-> SERVER-WEBAPP Barangay Management System SQL injection attempt
* 1:54596 <-> SERVER-WEBAPP WordPress bbPress plugin unauthenticated privilege escalation attempt
* 1:54597 <-> SERVER-WEBAPP WordPress bbPress plugin unauthenticated privilege escalation attempt
* 1:54602 <-> SERVER-WEBAPP Laravel Framework PendingCommand arbitrary command execution attempt
* 1:54603 <-> SERVER-WEBAPP Laravel Framework PendingCommand arbitrary command execution attempt
* 1:54617 <-> SERVER-WEBAPP GeoVision Door Access Control hidden url access attempt
* 1:54629 <-> SERVER-WEBAPP Microsoft Windows .NET API XML unsafe deserialization attempt
* 1:54649 <-> SERVER-WEBAPP Apache Kylin REST API migrate command injection attempt
* 1:54650 <-> SERVER-WEBAPP Apache Kylin REST API migrate command injection attempt
* 1:54670 <-> SERVER-WEBAPP Rockwell FactoryTalk View SE project list disclosure attempt
* 1:54671 <-> SERVER-WEBAPP Rockwell FactoryTalk View SE project information disclosure attempt
* 1:54672 <-> SERVER-WEBAPP Rockwell FactoryTalk View SE remote code execution attempt
* 1:54674 <-> SERVER-WEBAPP Rockwell FactoryTalk View SE remote project copy attempt
* 1:54684 <-> SERVER-WEBAPP Microsoft Windows .NET API XML unsafe deserialization attempt
* 1:54767 <-> SERVER-WEBAPP vBulletin template rendering arbitrary PHP code execution attempt
* 1:54768 <-> SERVER-WEBAPP vBulletin template rendering arbitrary PHP code execution attempt
* 1:54794 <-> SERVER-WEBAPP Zeroshell Linux Router command injection attempt
* 1:54795 <-> SERVER-WEBAPP Zeroshell Linux Router command injection attempt
* 1:54796 <-> SERVER-WEBAPP Zeroshell Linux Router command injection attempt
* 1:54797 <-> SERVER-WEBAPP Zeroshell Linux Router command injection attempt
* 1:54824 <-> SERVER-WEBAPP Intellian Aptus Web arbitrary command execution attempt
* 1:55778 <-> SERVER-WEBAPP Wordpress File Manager plugin elFinder remote code execution attempt
* 1:55797 <-> SERVER-WEBAPP Wordpress plugin WP Database Reset database reset attempt
* 1:55823 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:55824 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:55825 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:55826 <-> SERVER-WEBAPP Microsoft Exchange Server DlpUtils remote code execution attempt
* 1:55827 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet multiple functions SQL injection attempt
* 1:55828 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet multiple functions SQL injection attempt
* 1:55829 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet multiple functions SQL injection attempt
* 1:55834 <-> SERVER-WEBAPP Wordpress Nexos theme cross site scripting attempt
* 1:55835 <-> SERVER-WEBAPP Wordpress Nexos theme cross site scripting attempt
* 1:55836 <-> SERVER-WEBAPP Wordpress Nexos theme SQL injection attempt
* 1:55837 <-> SERVER-WEBAPP Wordpress Nexos theme SQL injection attempt
* 1:55838 <-> SERVER-WEBAPP Wordpress Nexos theme SQL injection attempt
* 1:55839 <-> SERVER-WEBAPP Multiple products DVR admin password leak attempt
* 1:55918 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:55919 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:55920 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:55921 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:55981 <-> SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 command injection attempt
* 1:56005 <-> SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 SQL injection attempt
* 1:56006 <-> SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 SQL injection attempt
* 1:56007 <-> SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 SQL injection attempt
* 1:56082 <-> SERVER-WEBAPP Wordpress WP Database Backup plug-in command injection attempt
* 1:56083 <-> SERVER-WEBAPP Wordpress WP Database Backup plug-in command injection attempt
* 1:56135 <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt
* 1:56136 <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt
* 1:56138 <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt
* 1:56154 <-> SERVER-WEBAPP MobileIron Core & Connector remote code execution attempt
* 1:56155 <-> SERVER-WEBAPP MobileIron Core & Connector remote code execution attempt
* 1:56162 <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt
* 1:56200 <-> SERVER-WEBAPP Oracle WebLogic Server command injection attempt
* 1:56201 <-> SERVER-WEBAPP Oracle WebLogic Server command injection attempt
* 1:56202 <-> SERVER-WEBAPP Oracle WebLogic Server command injection attempt
* 1:56203 <-> SERVER-WEBAPP Oracle WebLogic Server command injection attempt
* 1:56304 <-> SERVER-WEBAPP Microsoft SharePoint remote code execution attempt
* 1:56305 <-> SERVER-WEBAPP Microsoft SharePoint remote code execution attempt
* 1:56404 <-> SERVER-WEBAPP Cisco Security Manager XmpFileUploadServlet arbitrary JSP file upload attempt
* 1:56405 <-> SERVER-WEBAPP Cisco Security Manager XmpFileUploadServlet directory traversal attempt
* 1:56414 <-> SERVER-WEBAPP Cisco Security Manager XmpFileDownloadServlet directory traversal attempt
* 1:56415 <-> SERVER-WEBAPP Cisco Security Manager XmpFileDownloadServlet directory traversal attempt
* 1:56416 <-> SERVER-WEBAPP Cisco Security Manager XmpFileDownloadServlet directory traversal attempt
* 1:56417 <-> SERVER-WEBAPP Cisco Security Manager SampleFileDownloadServlet directory traversal attempt
* 1:56418 <-> SERVER-WEBAPP Cisco Security Manager SampleFileDownloadServlet directory traversal attempt
* 1:56419 <-> SERVER-WEBAPP Cisco Security Manager SampleFileDownloadServlet directory traversal attempt
* 1:56420 <-> SERVER-WEBAPP Cisco Security Manager resultsFrame directory traversal attempt
* 1:56421 <-> SERVER-WEBAPP Cisco Security Manager resultsFrame directory traversal attempt
* 1:56422 <-> SERVER-WEBAPP Cisco Security Manager resultsFrame directory traversal attempt
* 1:56423 <-> SERVER-WEBAPP Cisco Security Manager xdmProxy directory traversal attempt
* 1:56432 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:56433 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:56434 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:56435 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:56497 <-> SERVER-WEBAPP Multiple Products Java Faces ViewState deserialization remote code execution attempt
* 1:56519 <-> SERVER-WEBAPP WordPress plugin Autoptimize arbitrary PHP file upload attempt
* 1:56520 <-> SERVER-WEBAPP QNAP QTS and Photo Station directory traversal attempt
* 1:56521 <-> SERVER-WEBAPP QNAP QTS and Photo Station directory traversal attempt
* 1:56522 <-> SERVER-WEBAPP QNAP QTS and Photo Station directory traversal attempt
* 1:56523 <-> SERVER-WEBAPP Joomla Core Featured Article SQL injection attempt
* 1:56524 <-> SERVER-WEBAPP Joomla Core Featured Article SQL injection attempt
* 1:56525 <-> SERVER-WEBAPP Joomla Core Featured Article SQL injection attempt
* 1:56532 <-> SERVER-WEBAPP Advantech WebAccess NMS directory traversal attempt
* 1:56533 <-> SERVER-WEBAPP Advantech WebAccess NMS directory traversal attempt
* 1:56534 <-> SERVER-WEBAPP Advantech WebAccess NMS directory traversal attempt
* 1:56545 <-> SERVER-WEBAPP rConfig commands.inc.php SQL injection attempt
* 1:56550 <-> SERVER-WEBAPP Ruckus IoT Controller Web UI authentication bypass attempt
* 1:56551 <-> SERVER-WEBAPP  Ruckus IoT Controller Web UI OS username command injection attempt
* 1:56557 <-> SERVER-WEBAPP Microsoft Dynamics365 Finance and Operations remote code execution attempt
* 1:56558 <-> SERVER-WEBAPP Microsoft Dynamics365 Finance and Operations remote code execution attempt
* 1:56586 <-> SERVER-WEBAPP Zoho ManageEngine ServiceDesk Plus arbitrary JSP file upload attempt
* 1:56604 <-> SERVER-WEBAPP Microsoft Dynamics NAV remote code execution attempt
* 1:56624 <-> SERVER-WEBAPP rConfig command injection attempt
* 1:56625 <-> SERVER-WEBAPP rConfig command injection attempt
* 1:56626 <-> SERVER-WEBAPP rConfig command injection attempt
* 1:56627 <-> SERVER-WEBAPP rConfig command injection attempt
* 1:56799 <-> SERVER-WEBAPP Liferay arbitrary Java object deserialization attempt
* 1:56800 <-> SERVER-WEBAPP Liferay arbitrary Java object deserialization attempt
* 1:56823 <-> SERVER-WEBAPP Citrix CakePHP command injection attempt
* 1:56824 <-> SERVER-WEBAPP Citrix CakePHP command injection attempt
* 1:56826 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56827 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56828 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56829 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56830 <-> SERVER-WEBAPP WordPress Adning Advertising plugin arbitrary PHP file upload attempt
* 1:56831 <-> SERVER-WEBAPP WordPress Adning Advertising plugin arbitrary PHP file upload attempt
* 1:56877 <-> SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt
* 1:56878 <-> SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt
* 1:56879 <-> SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt
* 1:56880 <-> SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt
* 1:56916 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56917 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56934 <-> SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt
* 1:56935 <-> SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt
* 1:56936 <-> SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt
* 1:56937 <-> SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt
* 1:56990 <-> SERVER-WEBAPP Apache Unomi OGNL MVEL2 remote command execution attempt
* 1:57002 <-> SERVER-WEBAPP Belkin Wemo UPnP cross site scripting attempt
* 1:57048 <-> SERVER-WEBAPP SaltStack Salt API SSH Client command injection attempt
* 1:57049 <-> SERVER-WEBAPP SaltStack Salt API SSH Client command injection attempt
* 1:57072 <-> SERVER-WEBAPP Cisco RV Series Routers directory traversal attempt
* 1:57074 <-> SERVER-WEBAPP Cisco RV Series Routers directory traversal attempt
* 1:57075 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57076 <-> SERVER-WEBAPP Cisco RV Series Routers command injection attempt
* 1:57078 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57079 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57080 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57081 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57082 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57084 <-> SERVER-WEBAPP Cisco RV series routers command injection attempt
* 1:57085 <-> SERVER-WEBAPP Cisco RV series routers command injection attempt
* 1:57086 <-> SERVER-WEBAPP Cisco RV Series routers command injection attempt
* 1:57088 <-> SERVER-WEBAPP Cisco Small Business RV Series routers command injection attempt
* 1:57089 <-> SERVER-WEBAPP Cisco Small Business RV Series routers command injection attempt
* 1:57095 <-> SERVER-WEBAPP Cisco RV Series routers command injection attempt
* 1:57096 <-> SERVER-WEBAPP Cisco RV Series routers command injection attempt
* 1:57098 <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt
* 1:57099 <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt
* 1:57100 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57101 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57102 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57105 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57109 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57110 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57113 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57114 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57126 <-> SERVER-WEBAPP Monstra CMS cross-site scripting attempt
* 1:57127 <-> SERVER-WEBAPP Monstra CMS cross-site scripting attempt
* 1:57158 <-> SERVER-WEBAPP Oracle WebLogic consolejndi remote code execution attempt
* 1:57159 <-> SERVER-WEBAPP Oracle WebLogic consolejndi remote code execution attempt
* 1:57176 <-> SERVER-WEBAPP MikroTik RouterOS buffer overflow attempt
* 1:57177 <-> SERVER-WEBAPP MikroTik RouterOS buffer overflow attempt
* 1:57178 <-> SERVER-WEBAPP Monstra CMS registration form cross site scripting attempt
* 1:57179 <-> SERVER-WEBAPP Monstra CMS registration form cross site scripting attempt
* 1:57182 <-> SERVER-WEBAPP VMware administrative configurator component command injection attempt
* 1:57183 <-> SERVER-WEBAPP VMware administrative configurator component command injection attempt
* 1:57184 <-> SERVER-WEBAPP VMware administrative configurator component command injection attempt
* 1:57185 <-> SERVER-WEBAPP VMware administrative configurator component command injection attempt
* 1:57188 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center arbitrary Java object deserialization attempt
* 1:57224 <-> SERVER-WEBAPP Trend Micro Control Manager directory traversal attempt
* 1:57225 <-> SERVER-WEBAPP Trend Micro Control Manager directory traversal attempt
* 1:57226 <-> SERVER-WEBAPP Trend Micro Control Manager directory traversal attempt
* 1:57229 <-> SERVER-WEBAPP VMware vSphere Client vROPs plugin remote code execution attempt
* 1:57241 <-> SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt
* 1:57242 <-> SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt
* 1:57243 <-> SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt
* 1:57244 <-> SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt
* 1:57245 <-> SERVER-WEBAPP Microsoft Exchange Server arbitrary file write attempt
* 1:57246 <-> SERVER-WEBAPP Microsoft Exchange Server arbitrary file write attempt
* 1:57275 <-> SERVER-WEBAPP ysoserial TypeConfuseDelegate deserialization exploit attempt
* 1:57276 <-> SERVER-WEBAPP Microsoft SharePoint potential deserialization attempt
* 1:57283 <-> SERVER-WEBAPP Liferay arbitrary Java object deserialization attempt
* 1:57298 <-> SERVER-WEBAPP F5 iControl REST interface command injection attempt
* 1:57324 <-> SERVER-WEBAPP Netis WF2419 router command injection attempt
* 1:57325 <-> SERVER-WEBAPP Netis WF2419 router command injection attempt
* 1:57326 <-> SERVER-WEBAPP Netis WF2419 router command injection attempt
* 1:57327 <-> SERVER-WEBAPP Netis WF2419 router command injection attempt
* 1:57328 <-> SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt
* 1:57329 <-> SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt
* 1:57330 <-> SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt
* 1:57331 <-> SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt
* 1:57332 <-> SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt
* 1:57333 <-> SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt
* 1:57334 <-> SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt
* 1:57335 <-> SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt
* 1:57337 <-> SERVER-WEBAPP F5 iControl REST interface ssrf attempt
* 1:57389 <-> SERVER-WEBAPP Advantech iView DeviceTreeTable directory traversal attempt
* 1:57390 <-> SERVER-WEBAPP Advantech iView DeviceTreeTable directory traversal attempt
* 1:57391 <-> SERVER-WEBAPP Advantech iView DeviceTreeTable directory traversal attempt
* 1:57406 <-> SERVER-WEBAPP Palo Alto Networks management interface command injection attempt
* 1:57407 <-> SERVER-WEBAPP Palo Alto Networks management interface command injection attempt
* 1:57408 <-> SERVER-WEBAPP Palo Alto Networks management interface command injection attempt
* 1:57409 <-> SERVER-WEBAPP Palo Alto Networks management interface command injection attempt
* 1:57412 <-> SERVER-WEBAPP Nagios XI do_update_user SQL injection attempt
* 1:57413 <-> SERVER-WEBAPP Nagios XI do_update_user SQL injection attempt
* 1:57426 <-> SERVER-WEBAPP Zend and laminas-http frameworks streamName PHP object injection attempt
* 1:57434 <-> SERVER-WEBAPP VMware vRealize Operations Manager directory traversal attempt
* 1:57435 <-> SERVER-WEBAPP VMware vRealize Operations Manager SSRF attempt
* 1:57436 <-> SERVER-WEBAPP VMware View Planner logupload directory traversal attempt
* 1:57437 <-> SERVER-WEBAPP VMware View Planner logupload directory traversal attempt
* 1:57438 <-> SERVER-WEBAPP VMware View Planner logupload arbitrary file upload attempt
* 1:57439 <-> SERVER-WEBAPP VMware View Planner logupload arbitrary file upload attempt
* 1:57442 <-> SERVER-WEBAPP Terramaster TOS command injection attempt
* 1:57443 <-> SERVER-WEBAPP Terramaster TOS command injection attempt
* 1:57444 <-> SERVER-WEBAPP Terramaster TOS command injection attempt
* 1:57445 <-> SERVER-WEBAPP Terramaster TOS command injection attempt
* 1:57449 <-> SERVER-WEBAPP F5 TMM crafted IPv6 URI buffer overflow attempt
* 1:57453 <-> SERVER-WEBAPP Pulse Connect Secure remote code execution attempt
* 1:57481 <-> SERVER-WEBAPP ManageEngine OpManager directory traversal attempt
* 1:57482 <-> SERVER-WEBAPP ManageEngine OpManager directory traversal attempt
* 1:57483 <-> SERVER-WEBAPP ManageEngine OpManager directory traversal attempt
* 1:57487 <-> SERVER-WEBAPP Microsoft Exchange MeetingHandler remote code execution attempt
* 1:57490 <-> SERVER-WEBAPP Klog Server authenticate.php user command injection attempt
* 1:57491 <-> SERVER-WEBAPP Klog Server authenticate.php user command injection attempt
* 1:57492 <-> SERVER-WEBAPP Klog Server authenticate.php user command injection attempt
* 1:57493 <-> SERVER-WEBAPP Klog Server authenticate.php user command injection attempt
* 1:57494 <-> SERVER-WEBAPP Micro Focus Operations Bridge Manager remote code execution attempt
* 1:57500 <-> SERVER-WEBAPP HPE Intelligent Management Center IccSelectDevTypeBean Expression Language Injection Java expression language injection attempt
* 1:57511 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57512 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57513 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57514 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57515 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57516 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57517 <-> SERVER-WEBAPP Serendipity index.php SQL injection attempt
* 1:57518 <-> SERVER-WEBAPP Serendipity index.php SQL injection attempt
* 1:57519 <-> SERVER-WEBAPP Serendipity index.php SQL injection attempt
* 1:57548 <-> SERVER-WEBAPP Microsoft SharePoint authenticated remote code execution attempt
* 1:57570 <-> SERVER-WEBAPP WordPRess DZS Video Gallery directory traversal attempt
* 1:57571 <-> SERVER-WEBAPP WordPRess DZS Video Gallery directory traversal attempt
* 1:57572 <-> SERVER-WEBAPP WordPRess DZS Video Gallery directory traversal attempt
* 1:57573 <-> SERVER-WEBAPP WordPress DZS Video Gallery remote file include attempt
* 1:57574 <-> SERVER-WEBAPP WordPress DZS Video Gallery remote file include attempt
* 1:57720 <-> SERVER-WEBAPP VMWare vSphere Client remote code execution attempt
* 1:57761 <-> SERVER-WEBAPP TP-Link WiFi router authenticated PingIframeRpm stack buffer overflow attempt
* 1:57762 <-> SERVER-WEBAPP TP-Link WiFi router authenticated WanStaticIpV6CfgRpm stack buffer overflow attempt
* 1:57809 <-> SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt
* 1:57810 <-> SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt
* 1:57811 <-> SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt
* 1:57812 <-> SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt
* 1:57834 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center remote code execution attempt
* 1:57841 <-> SERVER-WEBAPP Nagios Fusion command injection attempt
* 1:57856 <-> SERVER-WEBAPP Cisco ASA cross site scripting attempt
* 1:57857 <-> SERVER-WEBAPP Cisco ASA cross site scripting attempt
* 1:57860 <-> SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt
* 1:57861 <-> SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt
* 1:57862 <-> SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt
* 1:57863 <-> SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt
* 1:57872 <-> SERVER-WEBAPP Facade Ignition remote code execution attempt
* 1:57902 <-> SERVER-WEBAPP HPE Systems Insight Manager remote code execution attempt
* 1:57906 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:57907 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:57908 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:57909 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:57910 <-> SERVER-WEBAPP Microsoft SharePoint Server authenticated remote code execution attempt
* 1:57911 <-> SERVER-WEBAPP Nagios XI monitoringplugins.php command injection attempt
* 1:57912 <-> SERVER-WEBAPP ForgeRock Open Access Manager remote code execution attempt
* 1:57913 <-> SERVER-WEBAPP ForgeRock Open Access Manager remote code execution attempt
* 1:57954 <-> SERVER-WEBAPP Velocloud VMware SD-WAN Orchestrator SQL injection attempt
* 1:57983 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:58018 <-> SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt
* 1:58019 <-> SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt
* 1:58020 <-> SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt
* 1:58021 <-> SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt
* 1:58026 <-> SERVER-WEBAPP Zoho ManageEngine OpManager OPMDeviceDetailsServlet SQL injection attempt
* 1:58027 <-> SERVER-WEBAPP Zoho ManageEngine OpManager OPMDeviceDetailsServlet SQL injection attempt
* 1:58028 <-> SERVER-WEBAPP Zoho ManageEngine OpManager OPMDeviceDetailsServlet SQL injection attempt
* 1:58042 <-> SERVER-WEBAPP Serv-U FTP Server stored cross site scripting attempt
* 1:58043 <-> SERVER-WEBAPP Serv-U FTP Server stored cross site scripting attempt
* 1:58052 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58053 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58054 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58055 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58056 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58057 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58058 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58059 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58063 <-> SERVER-WEBAPP Kentico CMS unsafe deserialization remote code execution attempt
* 1:58064 <-> SERVER-WEBAPP Kentico CMS unsafe deserialization remote code execution attempt
* 1:58067 <-> SERVER-WEBAPP Apache Flink FileUploadHandler directory traversal attempt
* 1:58068 <-> SERVER-WEBAPP Apache Flink FileUploadHandler directory traversal attempt
* 1:58069 <-> SERVER-WEBAPP Apache Flink FileUploadHandler directory traversal attempt
* 1:58093 <-> SERVER-WEBAPP Atlassian Confluence OGNL injection remote code execution attempt
* 1:58094 <-> SERVER-WEBAPP Atlassian Confluence OGNL injection remote code execution attempt
* 1:58111 <-> SERVER-WEBAPP Microsoft SharePoint remote code execution attempt
* 1:58112 <-> SERVER-WEBAPP Microsoft SharePoint remote code execution attempt
* 1:58113 <-> SERVER-WEBAPP Microsoft SharePoint machinekey information disclosure attempt
* 1:58169 <-> SERVER-WEBAPP Microsoft Windows Open Management Infrastructure remote code execution attempt
* 1:58170 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt
* 1:58171 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt
* 1:58172 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt
* 1:58173 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt
* 1:58201 <-> SERVER-WEBAPP Zoho ManageEngine ADSelfService Plus RestAPI authentication bypass attempt
* 1:58217 <-> SERVER-WEBAPP VMware vCenter Server remote code execution attempt
* 1:58218 <-> SERVER-WEBAPP VMware vCenter Server file upload attempt
* 1:58219 <-> SERVER-WEBAPP VMware vCenter Server file upload attempt
* 1:58224 <-> SERVER-WEBAPP SonicWall SMA100 SQL injection attempt
* 1:58225 <-> SERVER-WEBAPP SonicWall SMA100 SQL injection attempt
* 1:58226 <-> SERVER-WEBAPP SonicWall SMA100 SQL injection attempt
* 1:58227 <-> SERVER-WEBAPP Dell EMC Virtual Appliance Manager undocumented credential use attempt
* 1:58230 <-> SERVER-WEBAPP QNAP NAS Malware Remover directory traversal attempt
* 1:58231 <-> SERVER-WEBAPP QNAP NAS Malware Remover directory traversal attempt
* 1:58232 <-> SERVER-WEBAPP QNAP NAS Malware Remover directory traversal attempt
* 1:58242 <-> SERVER-WEBAPP Sophos XG Firewall SQL injection attempt
* 1:58245 <-> SERVER-WEBAPP UDP Technology IP Camera command injection attempt
* 1:58246 <-> SERVER-WEBAPP UDP Technology IP Camera command injection attempt
* 1:58247 <-> SERVER-WEBAPP UDP Technology IP Camera command injection attempt
* 1:58248 <-> SERVER-WEBAPP UDP Technology IP Camera command injection attempt
* 1:58249 <-> SERVER-WEBAPP Microsoft Exchange server security feature bypass attempt
* 1:58260 <-> SERVER-WEBAPP AlienVault Unified Security Management SQL injection attempt
* 1:58261 <-> SERVER-WEBAPP AlienVault Unified Security Management SQL injection attempt
* 1:58262 <-> SERVER-WEBAPP AlienVault Unified Security Management SQL injection attempt
* 1:58263 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58264 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58265 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58266 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58267 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58268 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58269 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:58270 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:58271 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:58272 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:58273 <-> SERVER-WEBAPP QNAP HBS 3 authorization bypass attempt
* 1:58274 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center faultDevParasSet expression language injection attempt
* 1:58275 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center faultDevParasSet expression language injection attempt
* 1:58282 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center perfAddFormServer Java expression language injection attempt
* 1:58283 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center perfSelItemServer Java expression language injection attempt
* 1:58284 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center FileUploadServlet Unrestricted arbitrary JSP file upload attempt
* 1:58285 <-> SERVER-WEBAPP Trend Micro Control Manager ProductTree_RightWindow XML external entity injection attempt
* 1:58290 <-> SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt
* 1:58291 <-> SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt
* 1:58292 <-> SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt
* 1:58293 <-> SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt
* 1:58315 <-> SERVER-WEBAPP Microsoft SharePoint Server remote code execution attempt
* 1:58316 <-> SERVER-WEBAPP Microsoft SharePoint Server remote code execution attempt
* 1:58318 <-> SERVER-WEBAPP Microsoft SharePoint Server remote code execution attempt
* 1:58320 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formChangePass username SQL injection attempt
* 1:58321 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formChangePass username SQL injection attempt
* 1:58322 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formChangePass username SQL injection attempt
* 1:58323 <-> SERVER-WEBAPP Advantech WebAccess Node Quality ItemGroupIdAry SQL injection attempt
* 1:58324 <-> SERVER-WEBAPP Advantech WebAccess Node Quality ItemGroupIdAry SQL injection attempt
* 1:58325 <-> SERVER-WEBAPP Advantech WebAccess Node Quality ItemGroupIdAry SQL injection attempt
* 1:58326 <-> SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt
* 1:58327 <-> SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt
* 1:58328 <-> SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt
* 1:58329 <-> SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt
* 1:58330 <-> SERVER-WEBAPP Advantech WebAccess Node controlNode bnid SQL injection attempt
* 1:58331 <-> SERVER-WEBAPP Advantech WebAccess Node controlNode bnid SQL injection attempt
* 1:58332 <-> SERVER-WEBAPP Advantech WebAccess Node controlNode bnid SQL injection attempt
* 1:58333 <-> SERVER-WEBAPP Trend Micro Control Manager DeploymentPlan_Event_Handler XML external entity injection attempt
* 1:58337 <-> SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt
* 1:58338 <-> SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt
* 1:58339 <-> SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt
* 1:58340 <-> SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt
* 1:58341 <-> SERVER-WEBAPP PHPMyAdmin SearchController SQL injection attempt
* 1:58342 <-> SERVER-WEBAPP PHPMyAdmin SearchController SQL injection attempt
* 1:58343 <-> SERVER-WEBAPP PHPMyAdmin SearchController SQL injection attempt
* 1:58352 <-> SERVER-WEBAPP GE MDS PulseNET IntegrationXMLProcessorServlet UpdateProblemTickets XML external entity injection attempt
* 1:58353 <-> SERVER-WEBAPP Advantech WebAccess Node Quality_Reg ItemIdAry SQL injection attempt
* 1:58355 <-> SERVER-WEBAPP GE MDS PulseNET HealthCheck arbitrary Java object deserialization attempt
* 1:58362 <-> SERVER-WEBAPP Advantech WebAccess Node BWSCADASoap ProjectName SQL injection attempt
* 1:58375 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center iccSelectCommand expression language injection attempt
* 1:58376 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center iccSelectCommand expression language injection attempt
* 1:58377 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center eventInfo_content expression language injection attempt
* 1:58378 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center eventInfo_content expression language injection attempt
* 1:58379 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center devSoftSel Java expression language injection attempt
* 1:58380 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center devSoftSel Java expression language injection attempt
* 1:58381 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formConfiguration saveValue SQL injection attempt
* 1:58382 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formConfiguration saveValue SQL injection attempt
* 1:58383 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formConfiguration saveValue SQL injection attempt
* 1:58384 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center operationSelect Java expression language injection attempt
* 1:58385 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center operationSelect Java expression language injection attempt
* 1:58388 <-> SERVER-WEBAPP ARRIS VAP2500 config_wds command injection attempt
* 1:58396 <-> SERVER-WEBAPP Nagios XI PHP file injection attempt
* 1:58397 <-> SERVER-WEBAPP Nagios XI PHP file injection attempt
* 1:58398 <-> SERVER-WEBAPP Nagios XI PHP file injection attempt
* 1:58399 <-> SERVER-WEBAPP Nagios XI directory traversal attempt
* 1:58400 <-> SERVER-WEBAPP Nagios XI directory traversal attempt
* 1:58401 <-> SERVER-WEBAPP Nagios XI directory traversal attempt
* 1:58403 <-> SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt
* 1:58404 <-> SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt
* 1:58405 <-> SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt
* 1:58406 <-> SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt
* 1:58407 <-> SERVER-WEBAPP Nagios XI bulk modification tool SQL injection attempt
* 1:58408 <-> SERVER-WEBAPP Nagios XI bulk modification tool SQL injection attempt
* 1:58409 <-> SERVER-WEBAPP Nagios XI bulk modification tool SQL injection attempt
* 1:58410 <-> SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt
* 1:58411 <-> SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt
* 1:58412 <-> SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt
* 1:58413 <-> SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt
* 1:58418 <-> SERVER-WEBAPP ReadyDesk 9.1 OpenAttach2 directory traversal attempt
* 1:58419 <-> SERVER-WEBAPP ReadyDesk 9.1 OpenAttach2 directory traversal attempt
* 1:58420 <-> SERVER-WEBAPP ReadyDesk 9.1 OpenAttach2 directory traversal attempt
* 1:58421 <-> SERVER-WEBAPP BillQuick Web Suite SQL injection attempt
* 1:58422 <-> SERVER-WEBAPP BillQuick Web Suite SQL injection attempt
* 1:58423 <-> SERVER-WEBAPP BillQuick Web Suite SQL injection attempt
* 1:58424 <-> SERVER-WEBAPP Schneider Electric Umotion Builder Virtual Appliance Css directory traversal attempt
* 1:58425 <-> SERVER-WEBAPP Schneider Electric Umotion Builder Virtual Appliance Css directory traversal attempt
* 1:58426 <-> SERVER-WEBAPP Schneider Electric Umotion Builder Virtual Appliance Css directory traversal attempt
* 1:58427 <-> SERVER-WEBAPP Trend Micro Control Manager widget_old_SP1 dlp_policy directory traversal attempt
* 1:58428 <-> SERVER-WEBAPP Trend Micro Control Manager Widget modDLPViolationCntdrildown.php directory traversal attempt
* 1:58454 <-> SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt
* 1:58455 <-> SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt
* 1:58456 <-> SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt
* 1:58457 <-> SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt
* 1:58464 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance File Deletion directory traversal attempt
* 1:58465 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance File Deletion directory traversal attempt
* 1:58466 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance File Deletion directory traversal attempt
* 1:58467 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance directory traversal attempt
* 1:58468 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance directory traversal attempt
* 1:58469 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance directory traversal attempt
* 1:58470 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector Virtual Appliance policy_setting arbitrary PHP file upload attempt
* 1:58471 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:58472 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:58473 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:58475 <-> SERVER-WEBAPP Oracle WebLogic Server DeploymentService directory traversal attempt
* 1:58476 <-> SERVER-WEBAPP Oracle WebLogic Server DeploymentService directory traversal attempt
* 1:58487 <-> SERVER-WEBAPP WordPress Snap Creek Duplicator and Duplicator Pro plugins directory traversal attempt
* 1:58499 <-> SERVER-WEBAPP Zyxel Unified Security Gateway undocumented administrator account login attempt
* 1:58500 <-> SERVER-WEBAPP Zyxel Unified Security Gateway undocumented administrator account login attempt
* 1:58502 <-> SERVER-WEBAPP SonicWall Email Security directory traversal attempt
* 1:58503 <-> SERVER-WEBAPP SonicWall Email Security directory traversal attempt
* 1:58504 <-> SERVER-WEBAPP SonicWall Email Security directory traversal attempt
* 1:58505 <-> SERVER-WEBAPP Tenda Router command injection attempt
* 1:58506 <-> SERVER-WEBAPP Tenda Router command injection attempt
* 1:58507 <-> SERVER-WEBAPP Tenda Router command injection attempt
* 1:58508 <-> SERVER-WEBAPP Tenda Router command injection attempt
* 1:58509 <-> SERVER-WEBAPP Accellion File Transfer Appliance SQL injection attempt
* 1:58510 <-> SERVER-WEBAPP EyesOfNetwork SQL injection attempt
* 1:58511 <-> SERVER-WEBAPP EyesOfNetwork SQL injection attempt
* 1:58512 <-> SERVER-WEBAPP EyesOfNetwork SQL injection attempt
* 1:58513 <-> SERVER-WEBAPP Advantech WebAccess updateTemplate SQL injection attempt
* 1:58514 <-> SERVER-WEBAPP EyesOfNetwork autodiscovery command injection attempt
* 1:58515 <-> SERVER-WEBAPP EyesOfNetwork autodiscovery command injection attempt
* 1:58517 <-> SERVER-WEBAPP GE MDS PulseNET IntegrationXMLProcessorServlet AlarmActions XML external entity injection attempt
* 1:58521 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center perfInsListServer Java expression language injection attempt
* 1:58522 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php command injection attempt
* 1:58523 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php command injection attempt
* 1:58525 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center directory traversal attempt
* 1:58529 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58530 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58531 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58532 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58533 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58538 <-> SERVER-WEBAPP Arcadyan routers path traversal attempt
* 1:58542 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet EmailMessageDetected SQL injection attempt
* 1:58543 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet EmailMessageDetected SQL injection attempt
* 1:58544 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet EmailMessageDetected SQL injection attempt
* 1:58546 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center TopoBroadcastServlet arbitrary Java object deserialization attempt
* 1:58555 <-> SERVER-WEBAPP Hikvision webLanguage command injection vulnerability
* 1:58562 <-> SERVER-WEBAPP Oracle WebLogic Server remote code execution attempt
* 1:58563 <-> SERVER-WEBAPP GE MDS PulseNET foglight service arbitrary Java object deserialization attempt
* 1:58567 <-> SERVER-WEBAPP Roundcube Webmail file disclosure attempt
* 1:58568 <-> SERVER-WEBAPP Roundcube Webmail file disclosure attempt
* 1:58569 <-> SERVER-WEBAPP Roundcube Webmail file disclosure attempt
* 1:58576 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt
* 1:58577 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt
* 1:58578 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt
* 1:58579 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt
* 1:58588 <-> SERVER-WEBAPP SolarWinds Network Configuration Manager remote file include attempt
* 1:58589 <-> SERVER-WEBAPP SolarWinds Network Configuration Manager remote file include attempt
* 1:58592 <-> SERVER-WEBAPP SaltStack pillar_roots directory traversal attempt
* 1:58593 <-> SERVER-WEBAPP SaltStack pillar_roots directory traversal attempt
* 1:58594 <-> SERVER-WEBAPP SaltStack pillar_roots directory traversal attempt
* 1:58595 <-> SERVER-WEBAPP OpenEMR backup.php command injection attempt
* 1:58596 <-> SERVER-WEBAPP OpenEMR backup.php command injection attempt
* 1:58605 <-> SERVER-WEBAPP Citrix StoreFront Server XML external entity injection attempt
* 1:58606 <-> SERVER-WEBAPP SAP NetWeaver AS JAVA CRM log injection attempt
* 1:58607 <-> SERVER-WEBAPP SAP NetWeaver AS JAVA CRM log injection attempt
* 1:58608 <-> SERVER-WEBAPP SAP NetWeaver AS JAVA CRM log injection attempt
* 1:66336 <-> SERVER-WEBAPP FlowiseAI Flowise arbitrary code execution attempt

31100

2026-04-23 13:35:22 UTC

Snort Subscriber Rules Update

Date: 2026-04-22-001

This is the complete list of rules modified and added in the Cisco Talos Certified rule pack for Snort version 3.11.0.0.

The format of the file is:

gid:sid <-> Message

New Rules:

* 1:66354 <-> SERVER-WEBAPP WordPress SEO Plugin SQL injection attempt
* 1:66355 <-> SERVER-WEBAPP WordPress SEO Plugin SQL injection attempt
* 1:66356 <-> SERVER-WEBAPP WordPress SEO Plugin SQL injection attempt
* 1:66357 <-> SERVER-WEBAPP WordPress My Calendar Plugin SQL injection attempt
* 1:66358 <-> SERVER-WEBAPP WordPress My Calendar Plugin SQL injection attempt
* 1:66359 <-> SERVER-WEBAPP WordPress My Calendar Plugin SQL injection attempt
* 1:66360 <-> SERVER-WEBAPP WordPress WP Statistics Plugin SQL injection attempt
* 1:66361 <-> SERVER-WEBAPP WordPress WP Statistics Plugin SQL injection attempt
* 1:66362 <-> SERVER-WEBAPP WordPress WP Statistics Plugin SQL injection attempt
* 1:66363 <-> SERVER-WEBAPP WordPress Photo Gallery Plugin SQL injection attempt
* 1:66364 <-> SERVER-WEBAPP WordPress Photo Gallery Plugin SQL injection attempt
* 1:66365 <-> SERVER-WEBAPP WordPress Photo Gallery Plugin SQL injection attempt
* 1:66366 <-> SERVER-WEBAPP Arcserve UDP ASNative.dll denial of service attempt
* 1:66367 <-> SERVER-WEBAPP Kentico Xperience webshell upload attempt
* 1:66368 <-> SERVER-WEBAPP SonicWall GMS SQL injection attempt
* 1:66369 <-> SERVER-WEBAPP SonicWall GMS SQL injection attempt
* 1:66370 <-> SERVER-WEBAPP SonicWall GMS SQL injection attempt
* 1:66371 <-> SERVER-WEBAPP Netgear ProSAFE NMS300 SQL injection attempt
* 1:66372 <-> SERVER-WEBAPP Netgear ProSAFE NMS300 SQL injection attempt
* 1:66373 <-> SERVER-WEBAPP Netgear ProSAFE NMS300 SQL injection attempt
* 1:66374 <-> SERVER-WEBAPP Yawave WordPress Plugin SQL injection attempt
* 1:66375 <-> SERVER-WEBAPP Yawave WordPress Plugin SQL injection attempt
* 1:66376 <-> SERVER-WEBAPP Yawave WordPress Plugin SQL injection attempt
* 3:66377 <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2026-2379 attack attempt
* 3:66378 <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2026-2379 attack attempt
* 3:66379 <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2026-2379 attack attempt
* 3:66380 <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2026-2379 attack attempt

Modified Rules:

* 1:53688 <-> SERVER-WEBAPP Adobe Experience Manager server side request forgery attempt
* 1:53733 <-> SERVER-WEBAPP IBM Data Risk Manager directory traversal attempt
* 1:53734 <-> SERVER-WEBAPP IBM Data Risk Manager nmap scan command execution attempt
* 1:53857 <-> SERVER-WEBAPP Grandstream UCM6202 series SQL injection attempt
* 1:53858 <-> SERVER-WEBAPP Grandstream UCM6202 series SQL injection attempt
* 1:53859 <-> SERVER-WEBAPP Grandstream UCM6202 series SQL injection attempt
* 1:53860 <-> SERVER-WEBAPP Centurylink router unauthenticated administrator account disable attempt
* 1:53967 <-> SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt
* 1:53968 <-> SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt
* 1:53969 <-> SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt
* 1:53970 <-> SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt
* 1:54003 <-> SERVER-WEBAPP Axway SecureTransport XML external entity injection attempt
* 1:54012 <-> SERVER-WEBAPP ASUS ASUSWRT appGet.cgi command injection attempt
* 1:54195 <-> SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt
* 1:54196 <-> SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt
* 1:54197 <-> SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt
* 1:54198 <-> SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt
* 1:54272 <-> SERVER-WEBAPP Centreon Monitoring tool command injection attempt
* 1:54273 <-> SERVER-WEBAPP Centreon Monitoring tool command injection attempt
* 1:54405 <-> SERVER-WEBAPP PHP php_strip_tags_ex function out-of-bounds read attempt
* 1:54462 <-> SERVER-WEBAPP F5 BIG-IP Traffic Management User Interface remote code execution attempt
* 1:54484 <-> SERVER-WEBAPP F5 BIG-IP Traffic Management User Interface remote code execution attempt
* 1:54511 <-> SERVER-WEBAPP Microsoft Windows .NET API XML unsafe deserialization attempt
* 1:54556 <-> SERVER-WEBAPP BSA Radar local file inclusion attempt
* 1:54558 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54559 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54565 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54566 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54567 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54569 <-> SERVER-WEBAPP Barangay Management System SQL injection attempt
* 1:54570 <-> SERVER-WEBAPP Barangay Management System SQL injection attempt
* 1:54596 <-> SERVER-WEBAPP WordPress bbPress plugin unauthenticated privilege escalation attempt
* 1:54597 <-> SERVER-WEBAPP WordPress bbPress plugin unauthenticated privilege escalation attempt
* 1:54602 <-> SERVER-WEBAPP Laravel Framework PendingCommand arbitrary command execution attempt
* 1:54603 <-> SERVER-WEBAPP Laravel Framework PendingCommand arbitrary command execution attempt
* 1:54617 <-> SERVER-WEBAPP GeoVision Door Access Control hidden url access attempt
* 1:54629 <-> SERVER-WEBAPP Microsoft Windows .NET API XML unsafe deserialization attempt
* 1:54649 <-> SERVER-WEBAPP Apache Kylin REST API migrate command injection attempt
* 1:54650 <-> SERVER-WEBAPP Apache Kylin REST API migrate command injection attempt
* 1:54670 <-> SERVER-WEBAPP Rockwell FactoryTalk View SE project list disclosure attempt
* 1:54671 <-> SERVER-WEBAPP Rockwell FactoryTalk View SE project information disclosure attempt
* 1:54672 <-> SERVER-WEBAPP Rockwell FactoryTalk View SE remote code execution attempt
* 1:54674 <-> SERVER-WEBAPP Rockwell FactoryTalk View SE remote project copy attempt
* 1:54684 <-> SERVER-WEBAPP Microsoft Windows .NET API XML unsafe deserialization attempt
* 1:54767 <-> SERVER-WEBAPP vBulletin template rendering arbitrary PHP code execution attempt
* 1:54768 <-> SERVER-WEBAPP vBulletin template rendering arbitrary PHP code execution attempt
* 1:54794 <-> SERVER-WEBAPP Zeroshell Linux Router command injection attempt
* 1:54795 <-> SERVER-WEBAPP Zeroshell Linux Router command injection attempt
* 1:54796 <-> SERVER-WEBAPP Zeroshell Linux Router command injection attempt
* 1:54797 <-> SERVER-WEBAPP Zeroshell Linux Router command injection attempt
* 1:54824 <-> SERVER-WEBAPP Intellian Aptus Web arbitrary command execution attempt
* 1:55778 <-> SERVER-WEBAPP Wordpress File Manager plugin elFinder remote code execution attempt
* 1:55797 <-> SERVER-WEBAPP Wordpress plugin WP Database Reset database reset attempt
* 1:55823 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:55824 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:55825 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:55826 <-> SERVER-WEBAPP Microsoft Exchange Server DlpUtils remote code execution attempt
* 1:55827 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet multiple functions SQL injection attempt
* 1:55828 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet multiple functions SQL injection attempt
* 1:55829 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet multiple functions SQL injection attempt
* 1:55834 <-> SERVER-WEBAPP Wordpress Nexos theme cross site scripting attempt
* 1:55835 <-> SERVER-WEBAPP Wordpress Nexos theme cross site scripting attempt
* 1:55836 <-> SERVER-WEBAPP Wordpress Nexos theme SQL injection attempt
* 1:55837 <-> SERVER-WEBAPP Wordpress Nexos theme SQL injection attempt
* 1:55838 <-> SERVER-WEBAPP Wordpress Nexos theme SQL injection attempt
* 1:55839 <-> SERVER-WEBAPP Multiple products DVR admin password leak attempt
* 1:55918 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:55919 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:55920 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:55921 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:55981 <-> SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 command injection attempt
* 1:56005 <-> SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 SQL injection attempt
* 1:56006 <-> SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 SQL injection attempt
* 1:56007 <-> SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 SQL injection attempt
* 1:56082 <-> SERVER-WEBAPP Wordpress WP Database Backup plug-in command injection attempt
* 1:56083 <-> SERVER-WEBAPP Wordpress WP Database Backup plug-in command injection attempt
* 1:56135 <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt
* 1:56136 <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt
* 1:56138 <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt
* 1:56154 <-> SERVER-WEBAPP MobileIron Core & Connector remote code execution attempt
* 1:56155 <-> SERVER-WEBAPP MobileIron Core & Connector remote code execution attempt
* 1:56162 <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt
* 1:56200 <-> SERVER-WEBAPP Oracle WebLogic Server command injection attempt
* 1:56201 <-> SERVER-WEBAPP Oracle WebLogic Server command injection attempt
* 1:56202 <-> SERVER-WEBAPP Oracle WebLogic Server command injection attempt
* 1:56203 <-> SERVER-WEBAPP Oracle WebLogic Server command injection attempt
* 1:56304 <-> SERVER-WEBAPP Microsoft SharePoint remote code execution attempt
* 1:56305 <-> SERVER-WEBAPP Microsoft SharePoint remote code execution attempt
* 1:56404 <-> SERVER-WEBAPP Cisco Security Manager XmpFileUploadServlet arbitrary JSP file upload attempt
* 1:56405 <-> SERVER-WEBAPP Cisco Security Manager XmpFileUploadServlet directory traversal attempt
* 1:56414 <-> SERVER-WEBAPP Cisco Security Manager XmpFileDownloadServlet directory traversal attempt
* 1:56415 <-> SERVER-WEBAPP Cisco Security Manager XmpFileDownloadServlet directory traversal attempt
* 1:56416 <-> SERVER-WEBAPP Cisco Security Manager XmpFileDownloadServlet directory traversal attempt
* 1:56417 <-> SERVER-WEBAPP Cisco Security Manager SampleFileDownloadServlet directory traversal attempt
* 1:56418 <-> SERVER-WEBAPP Cisco Security Manager SampleFileDownloadServlet directory traversal attempt
* 1:56419 <-> SERVER-WEBAPP Cisco Security Manager SampleFileDownloadServlet directory traversal attempt
* 1:56420 <-> SERVER-WEBAPP Cisco Security Manager resultsFrame directory traversal attempt
* 1:56421 <-> SERVER-WEBAPP Cisco Security Manager resultsFrame directory traversal attempt
* 1:56422 <-> SERVER-WEBAPP Cisco Security Manager resultsFrame directory traversal attempt
* 1:56423 <-> SERVER-WEBAPP Cisco Security Manager xdmProxy directory traversal attempt
* 1:56432 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:56433 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:56434 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:56435 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:56497 <-> SERVER-WEBAPP Multiple Products Java Faces ViewState deserialization remote code execution attempt
* 1:56519 <-> SERVER-WEBAPP WordPress plugin Autoptimize arbitrary PHP file upload attempt
* 1:56520 <-> SERVER-WEBAPP QNAP QTS and Photo Station directory traversal attempt
* 1:56521 <-> SERVER-WEBAPP QNAP QTS and Photo Station directory traversal attempt
* 1:56522 <-> SERVER-WEBAPP QNAP QTS and Photo Station directory traversal attempt
* 1:56523 <-> SERVER-WEBAPP Joomla Core Featured Article SQL injection attempt
* 1:56524 <-> SERVER-WEBAPP Joomla Core Featured Article SQL injection attempt
* 1:56525 <-> SERVER-WEBAPP Joomla Core Featured Article SQL injection attempt
* 1:56532 <-> SERVER-WEBAPP Advantech WebAccess NMS directory traversal attempt
* 1:56533 <-> SERVER-WEBAPP Advantech WebAccess NMS directory traversal attempt
* 1:56534 <-> SERVER-WEBAPP Advantech WebAccess NMS directory traversal attempt
* 1:56545 <-> SERVER-WEBAPP rConfig commands.inc.php SQL injection attempt
* 1:56550 <-> SERVER-WEBAPP Ruckus IoT Controller Web UI authentication bypass attempt
* 1:56551 <-> SERVER-WEBAPP  Ruckus IoT Controller Web UI OS username command injection attempt
* 1:56557 <-> SERVER-WEBAPP Microsoft Dynamics365 Finance and Operations remote code execution attempt
* 1:56558 <-> SERVER-WEBAPP Microsoft Dynamics365 Finance and Operations remote code execution attempt
* 1:56586 <-> SERVER-WEBAPP Zoho ManageEngine ServiceDesk Plus arbitrary JSP file upload attempt
* 1:56604 <-> SERVER-WEBAPP Microsoft Dynamics NAV remote code execution attempt
* 1:56624 <-> SERVER-WEBAPP rConfig command injection attempt
* 1:56625 <-> SERVER-WEBAPP rConfig command injection attempt
* 1:56626 <-> SERVER-WEBAPP rConfig command injection attempt
* 1:56627 <-> SERVER-WEBAPP rConfig command injection attempt
* 1:56799 <-> SERVER-WEBAPP Liferay arbitrary Java object deserialization attempt
* 1:56800 <-> SERVER-WEBAPP Liferay arbitrary Java object deserialization attempt
* 1:56823 <-> SERVER-WEBAPP Citrix CakePHP command injection attempt
* 1:56824 <-> SERVER-WEBAPP Citrix CakePHP command injection attempt
* 1:56826 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56827 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56828 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56829 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56830 <-> SERVER-WEBAPP WordPress Adning Advertising plugin arbitrary PHP file upload attempt
* 1:56831 <-> SERVER-WEBAPP WordPress Adning Advertising plugin arbitrary PHP file upload attempt
* 1:56877 <-> SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt
* 1:56878 <-> SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt
* 1:56879 <-> SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt
* 1:56880 <-> SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt
* 1:56916 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56917 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56934 <-> SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt
* 1:56935 <-> SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt
* 1:56936 <-> SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt
* 1:56937 <-> SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt
* 1:56990 <-> SERVER-WEBAPP Apache Unomi OGNL MVEL2 remote command execution attempt
* 1:57002 <-> SERVER-WEBAPP Belkin Wemo UPnP cross site scripting attempt
* 1:57048 <-> SERVER-WEBAPP SaltStack Salt API SSH Client command injection attempt
* 1:57049 <-> SERVER-WEBAPP SaltStack Salt API SSH Client command injection attempt
* 1:57072 <-> SERVER-WEBAPP Cisco RV Series Routers directory traversal attempt
* 1:57074 <-> SERVER-WEBAPP Cisco RV Series Routers directory traversal attempt
* 1:57075 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57076 <-> SERVER-WEBAPP Cisco RV Series Routers command injection attempt
* 1:57078 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57079 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57080 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57081 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57082 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57084 <-> SERVER-WEBAPP Cisco RV series routers command injection attempt
* 1:57085 <-> SERVER-WEBAPP Cisco RV series routers command injection attempt
* 1:57086 <-> SERVER-WEBAPP Cisco RV Series routers command injection attempt
* 1:57088 <-> SERVER-WEBAPP Cisco Small Business RV Series routers command injection attempt
* 1:57089 <-> SERVER-WEBAPP Cisco Small Business RV Series routers command injection attempt
* 1:57095 <-> SERVER-WEBAPP Cisco RV Series routers command injection attempt
* 1:57096 <-> SERVER-WEBAPP Cisco RV Series routers command injection attempt
* 1:57098 <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt
* 1:57099 <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt
* 1:57100 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57101 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57102 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57105 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57109 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57110 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57113 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57114 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57126 <-> SERVER-WEBAPP Monstra CMS cross-site scripting attempt
* 1:57127 <-> SERVER-WEBAPP Monstra CMS cross-site scripting attempt
* 1:57158 <-> SERVER-WEBAPP Oracle WebLogic consolejndi remote code execution attempt
* 1:57159 <-> SERVER-WEBAPP Oracle WebLogic consolejndi remote code execution attempt
* 1:57176 <-> SERVER-WEBAPP MikroTik RouterOS buffer overflow attempt
* 1:57177 <-> SERVER-WEBAPP MikroTik RouterOS buffer overflow attempt
* 1:57178 <-> SERVER-WEBAPP Monstra CMS registration form cross site scripting attempt
* 1:57179 <-> SERVER-WEBAPP Monstra CMS registration form cross site scripting attempt
* 1:57182 <-> SERVER-WEBAPP VMware administrative configurator component command injection attempt
* 1:57183 <-> SERVER-WEBAPP VMware administrative configurator component command injection attempt
* 1:57184 <-> SERVER-WEBAPP VMware administrative configurator component command injection attempt
* 1:57185 <-> SERVER-WEBAPP VMware administrative configurator component command injection attempt
* 1:57188 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center arbitrary Java object deserialization attempt
* 1:57224 <-> SERVER-WEBAPP Trend Micro Control Manager directory traversal attempt
* 1:57225 <-> SERVER-WEBAPP Trend Micro Control Manager directory traversal attempt
* 1:57226 <-> SERVER-WEBAPP Trend Micro Control Manager directory traversal attempt
* 1:57229 <-> SERVER-WEBAPP VMware vSphere Client vROPs plugin remote code execution attempt
* 1:57241 <-> SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt
* 1:57242 <-> SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt
* 1:57243 <-> SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt
* 1:57244 <-> SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt
* 1:57245 <-> SERVER-WEBAPP Microsoft Exchange Server arbitrary file write attempt
* 1:57246 <-> SERVER-WEBAPP Microsoft Exchange Server arbitrary file write attempt
* 1:57275 <-> SERVER-WEBAPP ysoserial TypeConfuseDelegate deserialization exploit attempt
* 1:57276 <-> SERVER-WEBAPP Microsoft SharePoint potential deserialization attempt
* 1:57283 <-> SERVER-WEBAPP Liferay arbitrary Java object deserialization attempt
* 1:57298 <-> SERVER-WEBAPP F5 iControl REST interface command injection attempt
* 1:57324 <-> SERVER-WEBAPP Netis WF2419 router command injection attempt
* 1:57325 <-> SERVER-WEBAPP Netis WF2419 router command injection attempt
* 1:57326 <-> SERVER-WEBAPP Netis WF2419 router command injection attempt
* 1:57327 <-> SERVER-WEBAPP Netis WF2419 router command injection attempt
* 1:57328 <-> SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt
* 1:57329 <-> SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt
* 1:57330 <-> SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt
* 1:57331 <-> SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt
* 1:57332 <-> SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt
* 1:57333 <-> SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt
* 1:57334 <-> SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt
* 1:57335 <-> SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt
* 1:57337 <-> SERVER-WEBAPP F5 iControl REST interface ssrf attempt
* 1:57389 <-> SERVER-WEBAPP Advantech iView DeviceTreeTable directory traversal attempt
* 1:57390 <-> SERVER-WEBAPP Advantech iView DeviceTreeTable directory traversal attempt
* 1:57391 <-> SERVER-WEBAPP Advantech iView DeviceTreeTable directory traversal attempt
* 1:57406 <-> SERVER-WEBAPP Palo Alto Networks management interface command injection attempt
* 1:57407 <-> SERVER-WEBAPP Palo Alto Networks management interface command injection attempt
* 1:57408 <-> SERVER-WEBAPP Palo Alto Networks management interface command injection attempt
* 1:57409 <-> SERVER-WEBAPP Palo Alto Networks management interface command injection attempt
* 1:57412 <-> SERVER-WEBAPP Nagios XI do_update_user SQL injection attempt
* 1:57413 <-> SERVER-WEBAPP Nagios XI do_update_user SQL injection attempt
* 1:57426 <-> SERVER-WEBAPP Zend and laminas-http frameworks streamName PHP object injection attempt
* 1:57434 <-> SERVER-WEBAPP VMware vRealize Operations Manager directory traversal attempt
* 1:57435 <-> SERVER-WEBAPP VMware vRealize Operations Manager SSRF attempt
* 1:57436 <-> SERVER-WEBAPP VMware View Planner logupload directory traversal attempt
* 1:57437 <-> SERVER-WEBAPP VMware View Planner logupload directory traversal attempt
* 1:57438 <-> SERVER-WEBAPP VMware View Planner logupload arbitrary file upload attempt
* 1:57439 <-> SERVER-WEBAPP VMware View Planner logupload arbitrary file upload attempt
* 1:57442 <-> SERVER-WEBAPP Terramaster TOS command injection attempt
* 1:57443 <-> SERVER-WEBAPP Terramaster TOS command injection attempt
* 1:57444 <-> SERVER-WEBAPP Terramaster TOS command injection attempt
* 1:57445 <-> SERVER-WEBAPP Terramaster TOS command injection attempt
* 1:57449 <-> SERVER-WEBAPP F5 TMM crafted IPv6 URI buffer overflow attempt
* 1:57453 <-> SERVER-WEBAPP Pulse Connect Secure remote code execution attempt
* 1:57481 <-> SERVER-WEBAPP ManageEngine OpManager directory traversal attempt
* 1:57482 <-> SERVER-WEBAPP ManageEngine OpManager directory traversal attempt
* 1:57483 <-> SERVER-WEBAPP ManageEngine OpManager directory traversal attempt
* 1:57487 <-> SERVER-WEBAPP Microsoft Exchange MeetingHandler remote code execution attempt
* 1:57490 <-> SERVER-WEBAPP Klog Server authenticate.php user command injection attempt
* 1:57491 <-> SERVER-WEBAPP Klog Server authenticate.php user command injection attempt
* 1:57492 <-> SERVER-WEBAPP Klog Server authenticate.php user command injection attempt
* 1:57493 <-> SERVER-WEBAPP Klog Server authenticate.php user command injection attempt
* 1:57494 <-> SERVER-WEBAPP Micro Focus Operations Bridge Manager remote code execution attempt
* 1:57500 <-> SERVER-WEBAPP HPE Intelligent Management Center IccSelectDevTypeBean Expression Language Injection Java expression language injection attempt
* 1:57511 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57512 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57513 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57514 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57515 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57516 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57517 <-> SERVER-WEBAPP Serendipity index.php SQL injection attempt
* 1:57518 <-> SERVER-WEBAPP Serendipity index.php SQL injection attempt
* 1:57519 <-> SERVER-WEBAPP Serendipity index.php SQL injection attempt
* 1:57548 <-> SERVER-WEBAPP Microsoft SharePoint authenticated remote code execution attempt
* 1:57570 <-> SERVER-WEBAPP WordPRess DZS Video Gallery directory traversal attempt
* 1:57571 <-> SERVER-WEBAPP WordPRess DZS Video Gallery directory traversal attempt
* 1:57572 <-> SERVER-WEBAPP WordPRess DZS Video Gallery directory traversal attempt
* 1:57573 <-> SERVER-WEBAPP WordPress DZS Video Gallery remote file include attempt
* 1:57574 <-> SERVER-WEBAPP WordPress DZS Video Gallery remote file include attempt
* 1:57720 <-> SERVER-WEBAPP VMWare vSphere Client remote code execution attempt
* 1:57761 <-> SERVER-WEBAPP TP-Link WiFi router authenticated PingIframeRpm stack buffer overflow attempt
* 1:57762 <-> SERVER-WEBAPP TP-Link WiFi router authenticated WanStaticIpV6CfgRpm stack buffer overflow attempt
* 1:57809 <-> SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt
* 1:57810 <-> SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt
* 1:57811 <-> SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt
* 1:57812 <-> SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt
* 1:57834 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center remote code execution attempt
* 1:57841 <-> SERVER-WEBAPP Nagios Fusion command injection attempt
* 1:57856 <-> SERVER-WEBAPP Cisco ASA cross site scripting attempt
* 1:57857 <-> SERVER-WEBAPP Cisco ASA cross site scripting attempt
* 1:57860 <-> SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt
* 1:57861 <-> SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt
* 1:57862 <-> SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt
* 1:57863 <-> SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt
* 1:57872 <-> SERVER-WEBAPP Facade Ignition remote code execution attempt
* 1:57902 <-> SERVER-WEBAPP HPE Systems Insight Manager remote code execution attempt
* 1:57906 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:57907 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:57908 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:57909 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:57910 <-> SERVER-WEBAPP Microsoft SharePoint Server authenticated remote code execution attempt
* 1:57911 <-> SERVER-WEBAPP Nagios XI monitoringplugins.php command injection attempt
* 1:57912 <-> SERVER-WEBAPP ForgeRock Open Access Manager remote code execution attempt
* 1:57913 <-> SERVER-WEBAPP ForgeRock Open Access Manager remote code execution attempt
* 1:57954 <-> SERVER-WEBAPP Velocloud VMware SD-WAN Orchestrator SQL injection attempt
* 1:57983 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:58018 <-> SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt
* 1:58019 <-> SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt
* 1:58020 <-> SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt
* 1:58021 <-> SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt
* 1:58026 <-> SERVER-WEBAPP Zoho ManageEngine OpManager OPMDeviceDetailsServlet SQL injection attempt
* 1:58027 <-> SERVER-WEBAPP Zoho ManageEngine OpManager OPMDeviceDetailsServlet SQL injection attempt
* 1:58028 <-> SERVER-WEBAPP Zoho ManageEngine OpManager OPMDeviceDetailsServlet SQL injection attempt
* 1:58042 <-> SERVER-WEBAPP Serv-U FTP Server stored cross site scripting attempt
* 1:58043 <-> SERVER-WEBAPP Serv-U FTP Server stored cross site scripting attempt
* 1:58052 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58053 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58054 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58055 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58056 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58057 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58058 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58059 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58063 <-> SERVER-WEBAPP Kentico CMS unsafe deserialization remote code execution attempt
* 1:58064 <-> SERVER-WEBAPP Kentico CMS unsafe deserialization remote code execution attempt
* 1:58067 <-> SERVER-WEBAPP Apache Flink FileUploadHandler directory traversal attempt
* 1:58068 <-> SERVER-WEBAPP Apache Flink FileUploadHandler directory traversal attempt
* 1:58069 <-> SERVER-WEBAPP Apache Flink FileUploadHandler directory traversal attempt
* 1:58093 <-> SERVER-WEBAPP Atlassian Confluence OGNL injection remote code execution attempt
* 1:58094 <-> SERVER-WEBAPP Atlassian Confluence OGNL injection remote code execution attempt
* 1:58111 <-> SERVER-WEBAPP Microsoft SharePoint remote code execution attempt
* 1:58112 <-> SERVER-WEBAPP Microsoft SharePoint remote code execution attempt
* 1:58113 <-> SERVER-WEBAPP Microsoft SharePoint machinekey information disclosure attempt
* 1:58169 <-> SERVER-WEBAPP Microsoft Windows Open Management Infrastructure remote code execution attempt
* 1:58170 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt
* 1:58171 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt
* 1:58172 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt
* 1:58173 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt
* 1:58201 <-> SERVER-WEBAPP Zoho ManageEngine ADSelfService Plus RestAPI authentication bypass attempt
* 1:58217 <-> SERVER-WEBAPP VMware vCenter Server remote code execution attempt
* 1:58218 <-> SERVER-WEBAPP VMware vCenter Server file upload attempt
* 1:58219 <-> SERVER-WEBAPP VMware vCenter Server file upload attempt
* 1:58224 <-> SERVER-WEBAPP SonicWall SMA100 SQL injection attempt
* 1:58225 <-> SERVER-WEBAPP SonicWall SMA100 SQL injection attempt
* 1:58226 <-> SERVER-WEBAPP SonicWall SMA100 SQL injection attempt
* 1:58227 <-> SERVER-WEBAPP Dell EMC Virtual Appliance Manager undocumented credential use attempt
* 1:58230 <-> SERVER-WEBAPP QNAP NAS Malware Remover directory traversal attempt
* 1:58231 <-> SERVER-WEBAPP QNAP NAS Malware Remover directory traversal attempt
* 1:58232 <-> SERVER-WEBAPP QNAP NAS Malware Remover directory traversal attempt
* 1:58242 <-> SERVER-WEBAPP Sophos XG Firewall SQL injection attempt
* 1:58245 <-> SERVER-WEBAPP UDP Technology IP Camera command injection attempt
* 1:58246 <-> SERVER-WEBAPP UDP Technology IP Camera command injection attempt
* 1:58247 <-> SERVER-WEBAPP UDP Technology IP Camera command injection attempt
* 1:58248 <-> SERVER-WEBAPP UDP Technology IP Camera command injection attempt
* 1:58249 <-> SERVER-WEBAPP Microsoft Exchange server security feature bypass attempt
* 1:58260 <-> SERVER-WEBAPP AlienVault Unified Security Management SQL injection attempt
* 1:58261 <-> SERVER-WEBAPP AlienVault Unified Security Management SQL injection attempt
* 1:58262 <-> SERVER-WEBAPP AlienVault Unified Security Management SQL injection attempt
* 1:58263 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58264 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58265 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58266 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58267 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58268 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58269 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:58270 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:58271 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:58272 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:58273 <-> SERVER-WEBAPP QNAP HBS 3 authorization bypass attempt
* 1:58274 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center faultDevParasSet expression language injection attempt
* 1:58275 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center faultDevParasSet expression language injection attempt
* 1:58282 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center perfAddFormServer Java expression language injection attempt
* 1:58283 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center perfSelItemServer Java expression language injection attempt
* 1:58284 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center FileUploadServlet Unrestricted arbitrary JSP file upload attempt
* 1:58285 <-> SERVER-WEBAPP Trend Micro Control Manager ProductTree_RightWindow XML external entity injection attempt
* 1:58290 <-> SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt
* 1:58291 <-> SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt
* 1:58292 <-> SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt
* 1:58293 <-> SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt
* 1:58315 <-> SERVER-WEBAPP Microsoft SharePoint Server remote code execution attempt
* 1:58316 <-> SERVER-WEBAPP Microsoft SharePoint Server remote code execution attempt
* 1:58318 <-> SERVER-WEBAPP Microsoft SharePoint Server remote code execution attempt
* 1:58320 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formChangePass username SQL injection attempt
* 1:58321 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formChangePass username SQL injection attempt
* 1:58322 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formChangePass username SQL injection attempt
* 1:58323 <-> SERVER-WEBAPP Advantech WebAccess Node Quality ItemGroupIdAry SQL injection attempt
* 1:58324 <-> SERVER-WEBAPP Advantech WebAccess Node Quality ItemGroupIdAry SQL injection attempt
* 1:58325 <-> SERVER-WEBAPP Advantech WebAccess Node Quality ItemGroupIdAry SQL injection attempt
* 1:58326 <-> SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt
* 1:58327 <-> SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt
* 1:58328 <-> SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt
* 1:58329 <-> SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt
* 1:58330 <-> SERVER-WEBAPP Advantech WebAccess Node controlNode bnid SQL injection attempt
* 1:58331 <-> SERVER-WEBAPP Advantech WebAccess Node controlNode bnid SQL injection attempt
* 1:58332 <-> SERVER-WEBAPP Advantech WebAccess Node controlNode bnid SQL injection attempt
* 1:58333 <-> SERVER-WEBAPP Trend Micro Control Manager DeploymentPlan_Event_Handler XML external entity injection attempt
* 1:58337 <-> SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt
* 1:58338 <-> SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt
* 1:58339 <-> SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt
* 1:58340 <-> SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt
* 1:58341 <-> SERVER-WEBAPP PHPMyAdmin SearchController SQL injection attempt
* 1:58342 <-> SERVER-WEBAPP PHPMyAdmin SearchController SQL injection attempt
* 1:58343 <-> SERVER-WEBAPP PHPMyAdmin SearchController SQL injection attempt
* 1:58352 <-> SERVER-WEBAPP GE MDS PulseNET IntegrationXMLProcessorServlet UpdateProblemTickets XML external entity injection attempt
* 1:58353 <-> SERVER-WEBAPP Advantech WebAccess Node Quality_Reg ItemIdAry SQL injection attempt
* 1:58355 <-> SERVER-WEBAPP GE MDS PulseNET HealthCheck arbitrary Java object deserialization attempt
* 1:58362 <-> SERVER-WEBAPP Advantech WebAccess Node BWSCADASoap ProjectName SQL injection attempt
* 1:58375 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center iccSelectCommand expression language injection attempt
* 1:58376 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center iccSelectCommand expression language injection attempt
* 1:58377 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center eventInfo_content expression language injection attempt
* 1:58378 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center eventInfo_content expression language injection attempt
* 1:58379 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center devSoftSel Java expression language injection attempt
* 1:58380 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center devSoftSel Java expression language injection attempt
* 1:58381 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formConfiguration saveValue SQL injection attempt
* 1:58382 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formConfiguration saveValue SQL injection attempt
* 1:58383 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formConfiguration saveValue SQL injection attempt
* 1:58384 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center operationSelect Java expression language injection attempt
* 1:58385 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center operationSelect Java expression language injection attempt
* 1:58388 <-> SERVER-WEBAPP ARRIS VAP2500 config_wds command injection attempt
* 1:58396 <-> SERVER-WEBAPP Nagios XI PHP file injection attempt
* 1:58397 <-> SERVER-WEBAPP Nagios XI PHP file injection attempt
* 1:58398 <-> SERVER-WEBAPP Nagios XI PHP file injection attempt
* 1:58399 <-> SERVER-WEBAPP Nagios XI directory traversal attempt
* 1:58400 <-> SERVER-WEBAPP Nagios XI directory traversal attempt
* 1:58401 <-> SERVER-WEBAPP Nagios XI directory traversal attempt
* 1:58403 <-> SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt
* 1:58404 <-> SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt
* 1:58405 <-> SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt
* 1:58406 <-> SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt
* 1:58407 <-> SERVER-WEBAPP Nagios XI bulk modification tool SQL injection attempt
* 1:58408 <-> SERVER-WEBAPP Nagios XI bulk modification tool SQL injection attempt
* 1:58409 <-> SERVER-WEBAPP Nagios XI bulk modification tool SQL injection attempt
* 1:58410 <-> SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt
* 1:58411 <-> SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt
* 1:58412 <-> SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt
* 1:58413 <-> SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt
* 1:58418 <-> SERVER-WEBAPP ReadyDesk 9.1 OpenAttach2 directory traversal attempt
* 1:58419 <-> SERVER-WEBAPP ReadyDesk 9.1 OpenAttach2 directory traversal attempt
* 1:58420 <-> SERVER-WEBAPP ReadyDesk 9.1 OpenAttach2 directory traversal attempt
* 1:58421 <-> SERVER-WEBAPP BillQuick Web Suite SQL injection attempt
* 1:58422 <-> SERVER-WEBAPP BillQuick Web Suite SQL injection attempt
* 1:58423 <-> SERVER-WEBAPP BillQuick Web Suite SQL injection attempt
* 1:58424 <-> SERVER-WEBAPP Schneider Electric Umotion Builder Virtual Appliance Css directory traversal attempt
* 1:58425 <-> SERVER-WEBAPP Schneider Electric Umotion Builder Virtual Appliance Css directory traversal attempt
* 1:58426 <-> SERVER-WEBAPP Schneider Electric Umotion Builder Virtual Appliance Css directory traversal attempt
* 1:58427 <-> SERVER-WEBAPP Trend Micro Control Manager widget_old_SP1 dlp_policy directory traversal attempt
* 1:58428 <-> SERVER-WEBAPP Trend Micro Control Manager Widget modDLPViolationCntdrildown.php directory traversal attempt
* 1:58454 <-> SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt
* 1:58455 <-> SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt
* 1:58456 <-> SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt
* 1:58457 <-> SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt
* 1:58464 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance File Deletion directory traversal attempt
* 1:58465 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance File Deletion directory traversal attempt
* 1:58466 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance File Deletion directory traversal attempt
* 1:58467 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance directory traversal attempt
* 1:58468 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance directory traversal attempt
* 1:58469 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance directory traversal attempt
* 1:58470 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector Virtual Appliance policy_setting arbitrary PHP file upload attempt
* 1:58471 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:58472 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:58473 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:58475 <-> SERVER-WEBAPP Oracle WebLogic Server DeploymentService directory traversal attempt
* 1:58476 <-> SERVER-WEBAPP Oracle WebLogic Server DeploymentService directory traversal attempt
* 1:58487 <-> SERVER-WEBAPP WordPress Snap Creek Duplicator and Duplicator Pro plugins directory traversal attempt
* 1:58499 <-> SERVER-WEBAPP Zyxel Unified Security Gateway undocumented administrator account login attempt
* 1:58500 <-> SERVER-WEBAPP Zyxel Unified Security Gateway undocumented administrator account login attempt
* 1:58502 <-> SERVER-WEBAPP SonicWall Email Security directory traversal attempt
* 1:58503 <-> SERVER-WEBAPP SonicWall Email Security directory traversal attempt
* 1:58504 <-> SERVER-WEBAPP SonicWall Email Security directory traversal attempt
* 1:58505 <-> SERVER-WEBAPP Tenda Router command injection attempt
* 1:58506 <-> SERVER-WEBAPP Tenda Router command injection attempt
* 1:58507 <-> SERVER-WEBAPP Tenda Router command injection attempt
* 1:58508 <-> SERVER-WEBAPP Tenda Router command injection attempt
* 1:58509 <-> SERVER-WEBAPP Accellion File Transfer Appliance SQL injection attempt
* 1:58510 <-> SERVER-WEBAPP EyesOfNetwork SQL injection attempt
* 1:58511 <-> SERVER-WEBAPP EyesOfNetwork SQL injection attempt
* 1:58512 <-> SERVER-WEBAPP EyesOfNetwork SQL injection attempt
* 1:58513 <-> SERVER-WEBAPP Advantech WebAccess updateTemplate SQL injection attempt
* 1:58514 <-> SERVER-WEBAPP EyesOfNetwork autodiscovery command injection attempt
* 1:58515 <-> SERVER-WEBAPP EyesOfNetwork autodiscovery command injection attempt
* 1:58517 <-> SERVER-WEBAPP GE MDS PulseNET IntegrationXMLProcessorServlet AlarmActions XML external entity injection attempt
* 1:58521 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center perfInsListServer Java expression language injection attempt
* 1:58522 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php command injection attempt
* 1:58523 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php command injection attempt
* 1:58525 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center directory traversal attempt
* 1:58529 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58530 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58531 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58532 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58533 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58538 <-> SERVER-WEBAPP Arcadyan routers path traversal attempt
* 1:58542 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet EmailMessageDetected SQL injection attempt
* 1:58543 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet EmailMessageDetected SQL injection attempt
* 1:58544 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet EmailMessageDetected SQL injection attempt
* 1:58546 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center TopoBroadcastServlet arbitrary Java object deserialization attempt
* 1:58555 <-> SERVER-WEBAPP Hikvision webLanguage command injection vulnerability
* 1:58562 <-> SERVER-WEBAPP Oracle WebLogic Server remote code execution attempt
* 1:58563 <-> SERVER-WEBAPP GE MDS PulseNET foglight service arbitrary Java object deserialization attempt
* 1:58567 <-> SERVER-WEBAPP Roundcube Webmail file disclosure attempt
* 1:58568 <-> SERVER-WEBAPP Roundcube Webmail file disclosure attempt
* 1:58569 <-> SERVER-WEBAPP Roundcube Webmail file disclosure attempt
* 1:58576 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt
* 1:58577 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt
* 1:58578 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt
* 1:58579 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt
* 1:58588 <-> SERVER-WEBAPP SolarWinds Network Configuration Manager remote file include attempt
* 1:58589 <-> SERVER-WEBAPP SolarWinds Network Configuration Manager remote file include attempt
* 1:58592 <-> SERVER-WEBAPP SaltStack pillar_roots directory traversal attempt
* 1:58593 <-> SERVER-WEBAPP SaltStack pillar_roots directory traversal attempt
* 1:58594 <-> SERVER-WEBAPP SaltStack pillar_roots directory traversal attempt
* 1:58595 <-> SERVER-WEBAPP OpenEMR backup.php command injection attempt
* 1:58596 <-> SERVER-WEBAPP OpenEMR backup.php command injection attempt
* 1:58605 <-> SERVER-WEBAPP Citrix StoreFront Server XML external entity injection attempt
* 1:58606 <-> SERVER-WEBAPP SAP NetWeaver AS JAVA CRM log injection attempt
* 1:58607 <-> SERVER-WEBAPP SAP NetWeaver AS JAVA CRM log injection attempt
* 1:58608 <-> SERVER-WEBAPP SAP NetWeaver AS JAVA CRM log injection attempt
* 1:66336 <-> SERVER-WEBAPP FlowiseAI Flowise arbitrary code execution attempt

31200

2026-04-23 13:35:23 UTC

Snort Subscriber Rules Update

Date: 2026-04-22-001

This is the complete list of rules modified and added in the Cisco Talos Certified rule pack for Snort version 3.12.0.0.

The format of the file is:

gid:sid <-> Message

New Rules:

* 1:66354 <-> SERVER-WEBAPP WordPress SEO Plugin SQL injection attempt
* 1:66355 <-> SERVER-WEBAPP WordPress SEO Plugin SQL injection attempt
* 1:66356 <-> SERVER-WEBAPP WordPress SEO Plugin SQL injection attempt
* 1:66357 <-> SERVER-WEBAPP WordPress My Calendar Plugin SQL injection attempt
* 1:66358 <-> SERVER-WEBAPP WordPress My Calendar Plugin SQL injection attempt
* 1:66359 <-> SERVER-WEBAPP WordPress My Calendar Plugin SQL injection attempt
* 1:66360 <-> SERVER-WEBAPP WordPress WP Statistics Plugin SQL injection attempt
* 1:66361 <-> SERVER-WEBAPP WordPress WP Statistics Plugin SQL injection attempt
* 1:66362 <-> SERVER-WEBAPP WordPress WP Statistics Plugin SQL injection attempt
* 1:66363 <-> SERVER-WEBAPP WordPress Photo Gallery Plugin SQL injection attempt
* 1:66364 <-> SERVER-WEBAPP WordPress Photo Gallery Plugin SQL injection attempt
* 1:66365 <-> SERVER-WEBAPP WordPress Photo Gallery Plugin SQL injection attempt
* 1:66366 <-> SERVER-WEBAPP Arcserve UDP ASNative.dll denial of service attempt
* 1:66367 <-> SERVER-WEBAPP Kentico Xperience webshell upload attempt
* 1:66368 <-> SERVER-WEBAPP SonicWall GMS SQL injection attempt
* 1:66369 <-> SERVER-WEBAPP SonicWall GMS SQL injection attempt
* 1:66370 <-> SERVER-WEBAPP SonicWall GMS SQL injection attempt
* 1:66371 <-> SERVER-WEBAPP Netgear ProSAFE NMS300 SQL injection attempt
* 1:66372 <-> SERVER-WEBAPP Netgear ProSAFE NMS300 SQL injection attempt
* 1:66373 <-> SERVER-WEBAPP Netgear ProSAFE NMS300 SQL injection attempt
* 1:66374 <-> SERVER-WEBAPP Yawave WordPress Plugin SQL injection attempt
* 1:66375 <-> SERVER-WEBAPP Yawave WordPress Plugin SQL injection attempt
* 1:66376 <-> SERVER-WEBAPP Yawave WordPress Plugin SQL injection attempt
* 3:66377 <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2026-2379 attack attempt
* 3:66378 <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2026-2379 attack attempt
* 3:66379 <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2026-2379 attack attempt
* 3:66380 <-> SERVER-OTHER TRUFFLEHUNTER TALOS-2026-2379 attack attempt

Modified Rules:

* 1:53688 <-> SERVER-WEBAPP Adobe Experience Manager server side request forgery attempt
* 1:53733 <-> SERVER-WEBAPP IBM Data Risk Manager directory traversal attempt
* 1:53734 <-> SERVER-WEBAPP IBM Data Risk Manager nmap scan command execution attempt
* 1:53857 <-> SERVER-WEBAPP Grandstream UCM6202 series SQL injection attempt
* 1:53858 <-> SERVER-WEBAPP Grandstream UCM6202 series SQL injection attempt
* 1:53859 <-> SERVER-WEBAPP Grandstream UCM6202 series SQL injection attempt
* 1:53860 <-> SERVER-WEBAPP Centurylink router unauthenticated administrator account disable attempt
* 1:53967 <-> SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt
* 1:53968 <-> SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt
* 1:53969 <-> SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt
* 1:53970 <-> SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt
* 1:54003 <-> SERVER-WEBAPP Axway SecureTransport XML external entity injection attempt
* 1:54012 <-> SERVER-WEBAPP ASUS ASUSWRT appGet.cgi command injection attempt
* 1:54195 <-> SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt
* 1:54196 <-> SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt
* 1:54197 <-> SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt
* 1:54198 <-> SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt
* 1:54272 <-> SERVER-WEBAPP Centreon Monitoring tool command injection attempt
* 1:54273 <-> SERVER-WEBAPP Centreon Monitoring tool command injection attempt
* 1:54405 <-> SERVER-WEBAPP PHP php_strip_tags_ex function out-of-bounds read attempt
* 1:54462 <-> SERVER-WEBAPP F5 BIG-IP Traffic Management User Interface remote code execution attempt
* 1:54484 <-> SERVER-WEBAPP F5 BIG-IP Traffic Management User Interface remote code execution attempt
* 1:54511 <-> SERVER-WEBAPP Microsoft Windows .NET API XML unsafe deserialization attempt
* 1:54556 <-> SERVER-WEBAPP BSA Radar local file inclusion attempt
* 1:54558 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54559 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54565 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54566 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54567 <-> SERVER-WEBAPP Park Ticketing Management System SQL injection attempt
* 1:54569 <-> SERVER-WEBAPP Barangay Management System SQL injection attempt
* 1:54570 <-> SERVER-WEBAPP Barangay Management System SQL injection attempt
* 1:54596 <-> SERVER-WEBAPP WordPress bbPress plugin unauthenticated privilege escalation attempt
* 1:54597 <-> SERVER-WEBAPP WordPress bbPress plugin unauthenticated privilege escalation attempt
* 1:54602 <-> SERVER-WEBAPP Laravel Framework PendingCommand arbitrary command execution attempt
* 1:54603 <-> SERVER-WEBAPP Laravel Framework PendingCommand arbitrary command execution attempt
* 1:54617 <-> SERVER-WEBAPP GeoVision Door Access Control hidden url access attempt
* 1:54629 <-> SERVER-WEBAPP Microsoft Windows .NET API XML unsafe deserialization attempt
* 1:54649 <-> SERVER-WEBAPP Apache Kylin REST API migrate command injection attempt
* 1:54650 <-> SERVER-WEBAPP Apache Kylin REST API migrate command injection attempt
* 1:54670 <-> SERVER-WEBAPP Rockwell FactoryTalk View SE project list disclosure attempt
* 1:54671 <-> SERVER-WEBAPP Rockwell FactoryTalk View SE project information disclosure attempt
* 1:54672 <-> SERVER-WEBAPP Rockwell FactoryTalk View SE remote code execution attempt
* 1:54674 <-> SERVER-WEBAPP Rockwell FactoryTalk View SE remote project copy attempt
* 1:54684 <-> SERVER-WEBAPP Microsoft Windows .NET API XML unsafe deserialization attempt
* 1:54767 <-> SERVER-WEBAPP vBulletin template rendering arbitrary PHP code execution attempt
* 1:54768 <-> SERVER-WEBAPP vBulletin template rendering arbitrary PHP code execution attempt
* 1:54794 <-> SERVER-WEBAPP Zeroshell Linux Router command injection attempt
* 1:54795 <-> SERVER-WEBAPP Zeroshell Linux Router command injection attempt
* 1:54796 <-> SERVER-WEBAPP Zeroshell Linux Router command injection attempt
* 1:54797 <-> SERVER-WEBAPP Zeroshell Linux Router command injection attempt
* 1:54824 <-> SERVER-WEBAPP Intellian Aptus Web arbitrary command execution attempt
* 1:55778 <-> SERVER-WEBAPP Wordpress File Manager plugin elFinder remote code execution attempt
* 1:55797 <-> SERVER-WEBAPP Wordpress plugin WP Database Reset database reset attempt
* 1:55823 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:55824 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:55825 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:55826 <-> SERVER-WEBAPP Microsoft Exchange Server DlpUtils remote code execution attempt
* 1:55827 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet multiple functions SQL injection attempt
* 1:55828 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet multiple functions SQL injection attempt
* 1:55829 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet multiple functions SQL injection attempt
* 1:55834 <-> SERVER-WEBAPP Wordpress Nexos theme cross site scripting attempt
* 1:55835 <-> SERVER-WEBAPP Wordpress Nexos theme cross site scripting attempt
* 1:55836 <-> SERVER-WEBAPP Wordpress Nexos theme SQL injection attempt
* 1:55837 <-> SERVER-WEBAPP Wordpress Nexos theme SQL injection attempt
* 1:55838 <-> SERVER-WEBAPP Wordpress Nexos theme SQL injection attempt
* 1:55839 <-> SERVER-WEBAPP Multiple products DVR admin password leak attempt
* 1:55918 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:55919 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:55920 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:55921 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:55981 <-> SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 command injection attempt
* 1:56005 <-> SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 SQL injection attempt
* 1:56006 <-> SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 SQL injection attempt
* 1:56007 <-> SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 SQL injection attempt
* 1:56082 <-> SERVER-WEBAPP Wordpress WP Database Backup plug-in command injection attempt
* 1:56083 <-> SERVER-WEBAPP Wordpress WP Database Backup plug-in command injection attempt
* 1:56135 <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt
* 1:56136 <-> SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt
* 1:56138 <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt
* 1:56154 <-> SERVER-WEBAPP MobileIron Core & Connector remote code execution attempt
* 1:56155 <-> SERVER-WEBAPP MobileIron Core & Connector remote code execution attempt
* 1:56162 <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt
* 1:56200 <-> SERVER-WEBAPP Oracle WebLogic Server command injection attempt
* 1:56201 <-> SERVER-WEBAPP Oracle WebLogic Server command injection attempt
* 1:56202 <-> SERVER-WEBAPP Oracle WebLogic Server command injection attempt
* 1:56203 <-> SERVER-WEBAPP Oracle WebLogic Server command injection attempt
* 1:56304 <-> SERVER-WEBAPP Microsoft SharePoint remote code execution attempt
* 1:56305 <-> SERVER-WEBAPP Microsoft SharePoint remote code execution attempt
* 1:56404 <-> SERVER-WEBAPP Cisco Security Manager XmpFileUploadServlet arbitrary JSP file upload attempt
* 1:56405 <-> SERVER-WEBAPP Cisco Security Manager XmpFileUploadServlet directory traversal attempt
* 1:56414 <-> SERVER-WEBAPP Cisco Security Manager XmpFileDownloadServlet directory traversal attempt
* 1:56415 <-> SERVER-WEBAPP Cisco Security Manager XmpFileDownloadServlet directory traversal attempt
* 1:56416 <-> SERVER-WEBAPP Cisco Security Manager XmpFileDownloadServlet directory traversal attempt
* 1:56417 <-> SERVER-WEBAPP Cisco Security Manager SampleFileDownloadServlet directory traversal attempt
* 1:56418 <-> SERVER-WEBAPP Cisco Security Manager SampleFileDownloadServlet directory traversal attempt
* 1:56419 <-> SERVER-WEBAPP Cisco Security Manager SampleFileDownloadServlet directory traversal attempt
* 1:56420 <-> SERVER-WEBAPP Cisco Security Manager resultsFrame directory traversal attempt
* 1:56421 <-> SERVER-WEBAPP Cisco Security Manager resultsFrame directory traversal attempt
* 1:56422 <-> SERVER-WEBAPP Cisco Security Manager resultsFrame directory traversal attempt
* 1:56423 <-> SERVER-WEBAPP Cisco Security Manager xdmProxy directory traversal attempt
* 1:56432 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:56433 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:56434 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:56435 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:56497 <-> SERVER-WEBAPP Multiple Products Java Faces ViewState deserialization remote code execution attempt
* 1:56519 <-> SERVER-WEBAPP WordPress plugin Autoptimize arbitrary PHP file upload attempt
* 1:56520 <-> SERVER-WEBAPP QNAP QTS and Photo Station directory traversal attempt
* 1:56521 <-> SERVER-WEBAPP QNAP QTS and Photo Station directory traversal attempt
* 1:56522 <-> SERVER-WEBAPP QNAP QTS and Photo Station directory traversal attempt
* 1:56523 <-> SERVER-WEBAPP Joomla Core Featured Article SQL injection attempt
* 1:56524 <-> SERVER-WEBAPP Joomla Core Featured Article SQL injection attempt
* 1:56525 <-> SERVER-WEBAPP Joomla Core Featured Article SQL injection attempt
* 1:56532 <-> SERVER-WEBAPP Advantech WebAccess NMS directory traversal attempt
* 1:56533 <-> SERVER-WEBAPP Advantech WebAccess NMS directory traversal attempt
* 1:56534 <-> SERVER-WEBAPP Advantech WebAccess NMS directory traversal attempt
* 1:56545 <-> SERVER-WEBAPP rConfig commands.inc.php SQL injection attempt
* 1:56550 <-> SERVER-WEBAPP Ruckus IoT Controller Web UI authentication bypass attempt
* 1:56551 <-> SERVER-WEBAPP  Ruckus IoT Controller Web UI OS username command injection attempt
* 1:56557 <-> SERVER-WEBAPP Microsoft Dynamics365 Finance and Operations remote code execution attempt
* 1:56558 <-> SERVER-WEBAPP Microsoft Dynamics365 Finance and Operations remote code execution attempt
* 1:56586 <-> SERVER-WEBAPP Zoho ManageEngine ServiceDesk Plus arbitrary JSP file upload attempt
* 1:56604 <-> SERVER-WEBAPP Microsoft Dynamics NAV remote code execution attempt
* 1:56624 <-> SERVER-WEBAPP rConfig command injection attempt
* 1:56625 <-> SERVER-WEBAPP rConfig command injection attempt
* 1:56626 <-> SERVER-WEBAPP rConfig command injection attempt
* 1:56627 <-> SERVER-WEBAPP rConfig command injection attempt
* 1:56799 <-> SERVER-WEBAPP Liferay arbitrary Java object deserialization attempt
* 1:56800 <-> SERVER-WEBAPP Liferay arbitrary Java object deserialization attempt
* 1:56823 <-> SERVER-WEBAPP Citrix CakePHP command injection attempt
* 1:56824 <-> SERVER-WEBAPP Citrix CakePHP command injection attempt
* 1:56826 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56827 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56828 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56829 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56830 <-> SERVER-WEBAPP WordPress Adning Advertising plugin arbitrary PHP file upload attempt
* 1:56831 <-> SERVER-WEBAPP WordPress Adning Advertising plugin arbitrary PHP file upload attempt
* 1:56877 <-> SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt
* 1:56878 <-> SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt
* 1:56879 <-> SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt
* 1:56880 <-> SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt
* 1:56916 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56917 <-> SERVER-WEBAPP SolarWinds Orion authentication bypass attempt
* 1:56934 <-> SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt
* 1:56935 <-> SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt
* 1:56936 <-> SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt
* 1:56937 <-> SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt
* 1:56990 <-> SERVER-WEBAPP Apache Unomi OGNL MVEL2 remote command execution attempt
* 1:57002 <-> SERVER-WEBAPP Belkin Wemo UPnP cross site scripting attempt
* 1:57048 <-> SERVER-WEBAPP SaltStack Salt API SSH Client command injection attempt
* 1:57049 <-> SERVER-WEBAPP SaltStack Salt API SSH Client command injection attempt
* 1:57072 <-> SERVER-WEBAPP Cisco RV Series Routers directory traversal attempt
* 1:57074 <-> SERVER-WEBAPP Cisco RV Series Routers directory traversal attempt
* 1:57075 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57076 <-> SERVER-WEBAPP Cisco RV Series Routers command injection attempt
* 1:57078 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57079 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57080 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57081 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57082 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57084 <-> SERVER-WEBAPP Cisco RV series routers command injection attempt
* 1:57085 <-> SERVER-WEBAPP Cisco RV series routers command injection attempt
* 1:57086 <-> SERVER-WEBAPP Cisco RV Series routers command injection attempt
* 1:57088 <-> SERVER-WEBAPP Cisco Small Business RV Series routers command injection attempt
* 1:57089 <-> SERVER-WEBAPP Cisco Small Business RV Series routers command injection attempt
* 1:57095 <-> SERVER-WEBAPP Cisco RV Series routers command injection attempt
* 1:57096 <-> SERVER-WEBAPP Cisco RV Series routers command injection attempt
* 1:57098 <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt
* 1:57099 <-> SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt
* 1:57100 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57101 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57102 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57105 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57109 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57110 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57113 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57114 <-> SERVER-WEBAPP Cisco RV Series routers stack overflow attempt
* 1:57126 <-> SERVER-WEBAPP Monstra CMS cross-site scripting attempt
* 1:57127 <-> SERVER-WEBAPP Monstra CMS cross-site scripting attempt
* 1:57158 <-> SERVER-WEBAPP Oracle WebLogic consolejndi remote code execution attempt
* 1:57159 <-> SERVER-WEBAPP Oracle WebLogic consolejndi remote code execution attempt
* 1:57176 <-> SERVER-WEBAPP MikroTik RouterOS buffer overflow attempt
* 1:57177 <-> SERVER-WEBAPP MikroTik RouterOS buffer overflow attempt
* 1:57178 <-> SERVER-WEBAPP Monstra CMS registration form cross site scripting attempt
* 1:57179 <-> SERVER-WEBAPP Monstra CMS registration form cross site scripting attempt
* 1:57182 <-> SERVER-WEBAPP VMware administrative configurator component command injection attempt
* 1:57183 <-> SERVER-WEBAPP VMware administrative configurator component command injection attempt
* 1:57184 <-> SERVER-WEBAPP VMware administrative configurator component command injection attempt
* 1:57185 <-> SERVER-WEBAPP VMware administrative configurator component command injection attempt
* 1:57188 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center arbitrary Java object deserialization attempt
* 1:57224 <-> SERVER-WEBAPP Trend Micro Control Manager directory traversal attempt
* 1:57225 <-> SERVER-WEBAPP Trend Micro Control Manager directory traversal attempt
* 1:57226 <-> SERVER-WEBAPP Trend Micro Control Manager directory traversal attempt
* 1:57229 <-> SERVER-WEBAPP VMware vSphere Client vROPs plugin remote code execution attempt
* 1:57241 <-> SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt
* 1:57242 <-> SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt
* 1:57243 <-> SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt
* 1:57244 <-> SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt
* 1:57245 <-> SERVER-WEBAPP Microsoft Exchange Server arbitrary file write attempt
* 1:57246 <-> SERVER-WEBAPP Microsoft Exchange Server arbitrary file write attempt
* 1:57275 <-> SERVER-WEBAPP ysoserial TypeConfuseDelegate deserialization exploit attempt
* 1:57276 <-> SERVER-WEBAPP Microsoft SharePoint potential deserialization attempt
* 1:57283 <-> SERVER-WEBAPP Liferay arbitrary Java object deserialization attempt
* 1:57298 <-> SERVER-WEBAPP F5 iControl REST interface command injection attempt
* 1:57324 <-> SERVER-WEBAPP Netis WF2419 router command injection attempt
* 1:57325 <-> SERVER-WEBAPP Netis WF2419 router command injection attempt
* 1:57326 <-> SERVER-WEBAPP Netis WF2419 router command injection attempt
* 1:57327 <-> SERVER-WEBAPP Netis WF2419 router command injection attempt
* 1:57328 <-> SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt
* 1:57329 <-> SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt
* 1:57330 <-> SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt
* 1:57331 <-> SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt
* 1:57332 <-> SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt
* 1:57333 <-> SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt
* 1:57334 <-> SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt
* 1:57335 <-> SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt
* 1:57337 <-> SERVER-WEBAPP F5 iControl REST interface ssrf attempt
* 1:57389 <-> SERVER-WEBAPP Advantech iView DeviceTreeTable directory traversal attempt
* 1:57390 <-> SERVER-WEBAPP Advantech iView DeviceTreeTable directory traversal attempt
* 1:57391 <-> SERVER-WEBAPP Advantech iView DeviceTreeTable directory traversal attempt
* 1:57406 <-> SERVER-WEBAPP Palo Alto Networks management interface command injection attempt
* 1:57407 <-> SERVER-WEBAPP Palo Alto Networks management interface command injection attempt
* 1:57408 <-> SERVER-WEBAPP Palo Alto Networks management interface command injection attempt
* 1:57409 <-> SERVER-WEBAPP Palo Alto Networks management interface command injection attempt
* 1:57412 <-> SERVER-WEBAPP Nagios XI do_update_user SQL injection attempt
* 1:57413 <-> SERVER-WEBAPP Nagios XI do_update_user SQL injection attempt
* 1:57426 <-> SERVER-WEBAPP Zend and laminas-http frameworks streamName PHP object injection attempt
* 1:57434 <-> SERVER-WEBAPP VMware vRealize Operations Manager directory traversal attempt
* 1:57435 <-> SERVER-WEBAPP VMware vRealize Operations Manager SSRF attempt
* 1:57436 <-> SERVER-WEBAPP VMware View Planner logupload directory traversal attempt
* 1:57437 <-> SERVER-WEBAPP VMware View Planner logupload directory traversal attempt
* 1:57438 <-> SERVER-WEBAPP VMware View Planner logupload arbitrary file upload attempt
* 1:57439 <-> SERVER-WEBAPP VMware View Planner logupload arbitrary file upload attempt
* 1:57442 <-> SERVER-WEBAPP Terramaster TOS command injection attempt
* 1:57443 <-> SERVER-WEBAPP Terramaster TOS command injection attempt
* 1:57444 <-> SERVER-WEBAPP Terramaster TOS command injection attempt
* 1:57445 <-> SERVER-WEBAPP Terramaster TOS command injection attempt
* 1:57449 <-> SERVER-WEBAPP F5 TMM crafted IPv6 URI buffer overflow attempt
* 1:57453 <-> SERVER-WEBAPP Pulse Connect Secure remote code execution attempt
* 1:57481 <-> SERVER-WEBAPP ManageEngine OpManager directory traversal attempt
* 1:57482 <-> SERVER-WEBAPP ManageEngine OpManager directory traversal attempt
* 1:57483 <-> SERVER-WEBAPP ManageEngine OpManager directory traversal attempt
* 1:57487 <-> SERVER-WEBAPP Microsoft Exchange MeetingHandler remote code execution attempt
* 1:57490 <-> SERVER-WEBAPP Klog Server authenticate.php user command injection attempt
* 1:57491 <-> SERVER-WEBAPP Klog Server authenticate.php user command injection attempt
* 1:57492 <-> SERVER-WEBAPP Klog Server authenticate.php user command injection attempt
* 1:57493 <-> SERVER-WEBAPP Klog Server authenticate.php user command injection attempt
* 1:57494 <-> SERVER-WEBAPP Micro Focus Operations Bridge Manager remote code execution attempt
* 1:57500 <-> SERVER-WEBAPP HPE Intelligent Management Center IccSelectDevTypeBean Expression Language Injection Java expression language injection attempt
* 1:57511 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57512 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57513 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57514 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57515 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57516 <-> SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt
* 1:57517 <-> SERVER-WEBAPP Serendipity index.php SQL injection attempt
* 1:57518 <-> SERVER-WEBAPP Serendipity index.php SQL injection attempt
* 1:57519 <-> SERVER-WEBAPP Serendipity index.php SQL injection attempt
* 1:57548 <-> SERVER-WEBAPP Microsoft SharePoint authenticated remote code execution attempt
* 1:57570 <-> SERVER-WEBAPP WordPRess DZS Video Gallery directory traversal attempt
* 1:57571 <-> SERVER-WEBAPP WordPRess DZS Video Gallery directory traversal attempt
* 1:57572 <-> SERVER-WEBAPP WordPRess DZS Video Gallery directory traversal attempt
* 1:57573 <-> SERVER-WEBAPP WordPress DZS Video Gallery remote file include attempt
* 1:57574 <-> SERVER-WEBAPP WordPress DZS Video Gallery remote file include attempt
* 1:57720 <-> SERVER-WEBAPP VMWare vSphere Client remote code execution attempt
* 1:57761 <-> SERVER-WEBAPP TP-Link WiFi router authenticated PingIframeRpm stack buffer overflow attempt
* 1:57762 <-> SERVER-WEBAPP TP-Link WiFi router authenticated WanStaticIpV6CfgRpm stack buffer overflow attempt
* 1:57809 <-> SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt
* 1:57810 <-> SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt
* 1:57811 <-> SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt
* 1:57812 <-> SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt
* 1:57834 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center remote code execution attempt
* 1:57841 <-> SERVER-WEBAPP Nagios Fusion command injection attempt
* 1:57856 <-> SERVER-WEBAPP Cisco ASA cross site scripting attempt
* 1:57857 <-> SERVER-WEBAPP Cisco ASA cross site scripting attempt
* 1:57860 <-> SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt
* 1:57861 <-> SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt
* 1:57862 <-> SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt
* 1:57863 <-> SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt
* 1:57872 <-> SERVER-WEBAPP Facade Ignition remote code execution attempt
* 1:57902 <-> SERVER-WEBAPP HPE Systems Insight Manager remote code execution attempt
* 1:57906 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:57907 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:57908 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:57909 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:57910 <-> SERVER-WEBAPP Microsoft SharePoint Server authenticated remote code execution attempt
* 1:57911 <-> SERVER-WEBAPP Nagios XI monitoringplugins.php command injection attempt
* 1:57912 <-> SERVER-WEBAPP ForgeRock Open Access Manager remote code execution attempt
* 1:57913 <-> SERVER-WEBAPP ForgeRock Open Access Manager remote code execution attempt
* 1:57954 <-> SERVER-WEBAPP Velocloud VMware SD-WAN Orchestrator SQL injection attempt
* 1:57983 <-> SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt
* 1:58018 <-> SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt
* 1:58019 <-> SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt
* 1:58020 <-> SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt
* 1:58021 <-> SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt
* 1:58026 <-> SERVER-WEBAPP Zoho ManageEngine OpManager OPMDeviceDetailsServlet SQL injection attempt
* 1:58027 <-> SERVER-WEBAPP Zoho ManageEngine OpManager OPMDeviceDetailsServlet SQL injection attempt
* 1:58028 <-> SERVER-WEBAPP Zoho ManageEngine OpManager OPMDeviceDetailsServlet SQL injection attempt
* 1:58042 <-> SERVER-WEBAPP Serv-U FTP Server stored cross site scripting attempt
* 1:58043 <-> SERVER-WEBAPP Serv-U FTP Server stored cross site scripting attempt
* 1:58052 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58053 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58054 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58055 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58056 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58057 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58058 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58059 <-> SERVER-WEBAPP Realtek Jungle SDK command injection attempt
* 1:58063 <-> SERVER-WEBAPP Kentico CMS unsafe deserialization remote code execution attempt
* 1:58064 <-> SERVER-WEBAPP Kentico CMS unsafe deserialization remote code execution attempt
* 1:58067 <-> SERVER-WEBAPP Apache Flink FileUploadHandler directory traversal attempt
* 1:58068 <-> SERVER-WEBAPP Apache Flink FileUploadHandler directory traversal attempt
* 1:58069 <-> SERVER-WEBAPP Apache Flink FileUploadHandler directory traversal attempt
* 1:58093 <-> SERVER-WEBAPP Atlassian Confluence OGNL injection remote code execution attempt
* 1:58094 <-> SERVER-WEBAPP Atlassian Confluence OGNL injection remote code execution attempt
* 1:58111 <-> SERVER-WEBAPP Microsoft SharePoint remote code execution attempt
* 1:58112 <-> SERVER-WEBAPP Microsoft SharePoint remote code execution attempt
* 1:58113 <-> SERVER-WEBAPP Microsoft SharePoint machinekey information disclosure attempt
* 1:58169 <-> SERVER-WEBAPP Microsoft Windows Open Management Infrastructure remote code execution attempt
* 1:58170 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt
* 1:58171 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt
* 1:58172 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt
* 1:58173 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt
* 1:58201 <-> SERVER-WEBAPP Zoho ManageEngine ADSelfService Plus RestAPI authentication bypass attempt
* 1:58217 <-> SERVER-WEBAPP VMware vCenter Server remote code execution attempt
* 1:58218 <-> SERVER-WEBAPP VMware vCenter Server file upload attempt
* 1:58219 <-> SERVER-WEBAPP VMware vCenter Server file upload attempt
* 1:58224 <-> SERVER-WEBAPP SonicWall SMA100 SQL injection attempt
* 1:58225 <-> SERVER-WEBAPP SonicWall SMA100 SQL injection attempt
* 1:58226 <-> SERVER-WEBAPP SonicWall SMA100 SQL injection attempt
* 1:58227 <-> SERVER-WEBAPP Dell EMC Virtual Appliance Manager undocumented credential use attempt
* 1:58230 <-> SERVER-WEBAPP QNAP NAS Malware Remover directory traversal attempt
* 1:58231 <-> SERVER-WEBAPP QNAP NAS Malware Remover directory traversal attempt
* 1:58232 <-> SERVER-WEBAPP QNAP NAS Malware Remover directory traversal attempt
* 1:58242 <-> SERVER-WEBAPP Sophos XG Firewall SQL injection attempt
* 1:58245 <-> SERVER-WEBAPP UDP Technology IP Camera command injection attempt
* 1:58246 <-> SERVER-WEBAPP UDP Technology IP Camera command injection attempt
* 1:58247 <-> SERVER-WEBAPP UDP Technology IP Camera command injection attempt
* 1:58248 <-> SERVER-WEBAPP UDP Technology IP Camera command injection attempt
* 1:58249 <-> SERVER-WEBAPP Microsoft Exchange server security feature bypass attempt
* 1:58260 <-> SERVER-WEBAPP AlienVault Unified Security Management SQL injection attempt
* 1:58261 <-> SERVER-WEBAPP AlienVault Unified Security Management SQL injection attempt
* 1:58262 <-> SERVER-WEBAPP AlienVault Unified Security Management SQL injection attempt
* 1:58263 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58264 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58265 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58266 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58267 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58268 <-> SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt
* 1:58269 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:58270 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:58271 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:58272 <-> SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt
* 1:58273 <-> SERVER-WEBAPP QNAP HBS 3 authorization bypass attempt
* 1:58274 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center faultDevParasSet expression language injection attempt
* 1:58275 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center faultDevParasSet expression language injection attempt
* 1:58282 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center perfAddFormServer Java expression language injection attempt
* 1:58283 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center perfSelItemServer Java expression language injection attempt
* 1:58284 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center FileUploadServlet Unrestricted arbitrary JSP file upload attempt
* 1:58285 <-> SERVER-WEBAPP Trend Micro Control Manager ProductTree_RightWindow XML external entity injection attempt
* 1:58290 <-> SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt
* 1:58291 <-> SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt
* 1:58292 <-> SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt
* 1:58293 <-> SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt
* 1:58315 <-> SERVER-WEBAPP Microsoft SharePoint Server remote code execution attempt
* 1:58316 <-> SERVER-WEBAPP Microsoft SharePoint Server remote code execution attempt
* 1:58318 <-> SERVER-WEBAPP Microsoft SharePoint Server remote code execution attempt
* 1:58320 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formChangePass username SQL injection attempt
* 1:58321 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formChangePass username SQL injection attempt
* 1:58322 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formChangePass username SQL injection attempt
* 1:58323 <-> SERVER-WEBAPP Advantech WebAccess Node Quality ItemGroupIdAry SQL injection attempt
* 1:58324 <-> SERVER-WEBAPP Advantech WebAccess Node Quality ItemGroupIdAry SQL injection attempt
* 1:58325 <-> SERVER-WEBAPP Advantech WebAccess Node Quality ItemGroupIdAry SQL injection attempt
* 1:58326 <-> SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt
* 1:58327 <-> SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt
* 1:58328 <-> SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt
* 1:58329 <-> SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt
* 1:58330 <-> SERVER-WEBAPP Advantech WebAccess Node controlNode bnid SQL injection attempt
* 1:58331 <-> SERVER-WEBAPP Advantech WebAccess Node controlNode bnid SQL injection attempt
* 1:58332 <-> SERVER-WEBAPP Advantech WebAccess Node controlNode bnid SQL injection attempt
* 1:58333 <-> SERVER-WEBAPP Trend Micro Control Manager DeploymentPlan_Event_Handler XML external entity injection attempt
* 1:58337 <-> SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt
* 1:58338 <-> SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt
* 1:58339 <-> SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt
* 1:58340 <-> SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt
* 1:58341 <-> SERVER-WEBAPP PHPMyAdmin SearchController SQL injection attempt
* 1:58342 <-> SERVER-WEBAPP PHPMyAdmin SearchController SQL injection attempt
* 1:58343 <-> SERVER-WEBAPP PHPMyAdmin SearchController SQL injection attempt
* 1:58352 <-> SERVER-WEBAPP GE MDS PulseNET IntegrationXMLProcessorServlet UpdateProblemTickets XML external entity injection attempt
* 1:58353 <-> SERVER-WEBAPP Advantech WebAccess Node Quality_Reg ItemIdAry SQL injection attempt
* 1:58355 <-> SERVER-WEBAPP GE MDS PulseNET HealthCheck arbitrary Java object deserialization attempt
* 1:58362 <-> SERVER-WEBAPP Advantech WebAccess Node BWSCADASoap ProjectName SQL injection attempt
* 1:58375 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center iccSelectCommand expression language injection attempt
* 1:58376 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center iccSelectCommand expression language injection attempt
* 1:58377 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center eventInfo_content expression language injection attempt
* 1:58378 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center eventInfo_content expression language injection attempt
* 1:58379 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center devSoftSel Java expression language injection attempt
* 1:58380 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center devSoftSel Java expression language injection attempt
* 1:58381 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formConfiguration saveValue SQL injection attempt
* 1:58382 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formConfiguration saveValue SQL injection attempt
* 1:58383 <-> SERVER-WEBAPP Trend Micro Encryption Email Gateway formConfiguration saveValue SQL injection attempt
* 1:58384 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center operationSelect Java expression language injection attempt
* 1:58385 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center operationSelect Java expression language injection attempt
* 1:58388 <-> SERVER-WEBAPP ARRIS VAP2500 config_wds command injection attempt
* 1:58396 <-> SERVER-WEBAPP Nagios XI PHP file injection attempt
* 1:58397 <-> SERVER-WEBAPP Nagios XI PHP file injection attempt
* 1:58398 <-> SERVER-WEBAPP Nagios XI PHP file injection attempt
* 1:58399 <-> SERVER-WEBAPP Nagios XI directory traversal attempt
* 1:58400 <-> SERVER-WEBAPP Nagios XI directory traversal attempt
* 1:58401 <-> SERVER-WEBAPP Nagios XI directory traversal attempt
* 1:58403 <-> SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt
* 1:58404 <-> SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt
* 1:58405 <-> SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt
* 1:58406 <-> SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt
* 1:58407 <-> SERVER-WEBAPP Nagios XI bulk modification tool SQL injection attempt
* 1:58408 <-> SERVER-WEBAPP Nagios XI bulk modification tool SQL injection attempt
* 1:58409 <-> SERVER-WEBAPP Nagios XI bulk modification tool SQL injection attempt
* 1:58410 <-> SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt
* 1:58411 <-> SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt
* 1:58412 <-> SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt
* 1:58413 <-> SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt
* 1:58418 <-> SERVER-WEBAPP ReadyDesk 9.1 OpenAttach2 directory traversal attempt
* 1:58419 <-> SERVER-WEBAPP ReadyDesk 9.1 OpenAttach2 directory traversal attempt
* 1:58420 <-> SERVER-WEBAPP ReadyDesk 9.1 OpenAttach2 directory traversal attempt
* 1:58421 <-> SERVER-WEBAPP BillQuick Web Suite SQL injection attempt
* 1:58422 <-> SERVER-WEBAPP BillQuick Web Suite SQL injection attempt
* 1:58423 <-> SERVER-WEBAPP BillQuick Web Suite SQL injection attempt
* 1:58424 <-> SERVER-WEBAPP Schneider Electric Umotion Builder Virtual Appliance Css directory traversal attempt
* 1:58425 <-> SERVER-WEBAPP Schneider Electric Umotion Builder Virtual Appliance Css directory traversal attempt
* 1:58426 <-> SERVER-WEBAPP Schneider Electric Umotion Builder Virtual Appliance Css directory traversal attempt
* 1:58427 <-> SERVER-WEBAPP Trend Micro Control Manager widget_old_SP1 dlp_policy directory traversal attempt
* 1:58428 <-> SERVER-WEBAPP Trend Micro Control Manager Widget modDLPViolationCntdrildown.php directory traversal attempt
* 1:58454 <-> SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt
* 1:58455 <-> SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt
* 1:58456 <-> SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt
* 1:58457 <-> SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt
* 1:58464 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance File Deletion directory traversal attempt
* 1:58465 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance File Deletion directory traversal attempt
* 1:58466 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance File Deletion directory traversal attempt
* 1:58467 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance directory traversal attempt
* 1:58468 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance directory traversal attempt
* 1:58469 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance directory traversal attempt
* 1:58470 <-> SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector Virtual Appliance policy_setting arbitrary PHP file upload attempt
* 1:58471 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:58472 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:58473 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt
* 1:58475 <-> SERVER-WEBAPP Oracle WebLogic Server DeploymentService directory traversal attempt
* 1:58476 <-> SERVER-WEBAPP Oracle WebLogic Server DeploymentService directory traversal attempt
* 1:58487 <-> SERVER-WEBAPP WordPress Snap Creek Duplicator and Duplicator Pro plugins directory traversal attempt
* 1:58499 <-> SERVER-WEBAPP Zyxel Unified Security Gateway undocumented administrator account login attempt
* 1:58500 <-> SERVER-WEBAPP Zyxel Unified Security Gateway undocumented administrator account login attempt
* 1:58502 <-> SERVER-WEBAPP SonicWall Email Security directory traversal attempt
* 1:58503 <-> SERVER-WEBAPP SonicWall Email Security directory traversal attempt
* 1:58504 <-> SERVER-WEBAPP SonicWall Email Security directory traversal attempt
* 1:58505 <-> SERVER-WEBAPP Tenda Router command injection attempt
* 1:58506 <-> SERVER-WEBAPP Tenda Router command injection attempt
* 1:58507 <-> SERVER-WEBAPP Tenda Router command injection attempt
* 1:58508 <-> SERVER-WEBAPP Tenda Router command injection attempt
* 1:58509 <-> SERVER-WEBAPP Accellion File Transfer Appliance SQL injection attempt
* 1:58510 <-> SERVER-WEBAPP EyesOfNetwork SQL injection attempt
* 1:58511 <-> SERVER-WEBAPP EyesOfNetwork SQL injection attempt
* 1:58512 <-> SERVER-WEBAPP EyesOfNetwork SQL injection attempt
* 1:58513 <-> SERVER-WEBAPP Advantech WebAccess updateTemplate SQL injection attempt
* 1:58514 <-> SERVER-WEBAPP EyesOfNetwork autodiscovery command injection attempt
* 1:58515 <-> SERVER-WEBAPP EyesOfNetwork autodiscovery command injection attempt
* 1:58517 <-> SERVER-WEBAPP GE MDS PulseNET IntegrationXMLProcessorServlet AlarmActions XML external entity injection attempt
* 1:58521 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center perfInsListServer Java expression language injection attempt
* 1:58522 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php command injection attempt
* 1:58523 <-> SERVER-WEBAPP rConfig ajaxAddTemplate.php command injection attempt
* 1:58525 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center directory traversal attempt
* 1:58529 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58530 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58531 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58532 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58533 <-> SERVER-WEBAPP Buffalo WSR router configuration injection attempt
* 1:58538 <-> SERVER-WEBAPP Arcadyan routers path traversal attempt
* 1:58542 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet EmailMessageDetected SQL injection attempt
* 1:58543 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet EmailMessageDetected SQL injection attempt
* 1:58544 <-> SERVER-WEBAPP Trend Micro Control Manager CCGIServlet EmailMessageDetected SQL injection attempt
* 1:58546 <-> SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center TopoBroadcastServlet arbitrary Java object deserialization attempt
* 1:58555 <-> SERVER-WEBAPP Hikvision webLanguage command injection vulnerability
* 1:58562 <-> SERVER-WEBAPP Oracle WebLogic Server remote code execution attempt
* 1:58563 <-> SERVER-WEBAPP GE MDS PulseNET foglight service arbitrary Java object deserialization attempt
* 1:58567 <-> SERVER-WEBAPP Roundcube Webmail file disclosure attempt
* 1:58568 <-> SERVER-WEBAPP Roundcube Webmail file disclosure attempt
* 1:58569 <-> SERVER-WEBAPP Roundcube Webmail file disclosure attempt
* 1:58576 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt
* 1:58577 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt
* 1:58578 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt
* 1:58579 <-> SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt
* 1:58588 <-> SERVER-WEBAPP SolarWinds Network Configuration Manager remote file include attempt
* 1:58589 <-> SERVER-WEBAPP SolarWinds Network Configuration Manager remote file include attempt
* 1:58592 <-> SERVER-WEBAPP SaltStack pillar_roots directory traversal attempt
* 1:58593 <-> SERVER-WEBAPP SaltStack pillar_roots directory traversal attempt
* 1:58594 <-> SERVER-WEBAPP SaltStack pillar_roots directory traversal attempt
* 1:58595 <-> SERVER-WEBAPP OpenEMR backup.php command injection attempt
* 1:58596 <-> SERVER-WEBAPP OpenEMR backup.php command injection attempt
* 1:58605 <-> SERVER-WEBAPP Citrix StoreFront Server XML external entity injection attempt
* 1:58606 <-> SERVER-WEBAPP SAP NetWeaver AS JAVA CRM log injection attempt
* 1:58607 <-> SERVER-WEBAPP SAP NetWeaver AS JAVA CRM log injection attempt
* 1:58608 <-> SERVER-WEBAPP SAP NetWeaver AS JAVA CRM log injection attempt
* 1:66336 <-> SERVER-WEBAPP FlowiseAI Flowise arbitrary code execution attempt