CVE-2024-6271
published 2024-07-22CVE-2024-6271: The Community Events WordPress plugin before 1.5 does not have CSRF check in place when deleting events, which could allow attackers to make a logged in admin…
PriorityP424medium5.4CVSS 3.1
AVNACLPRNUIRSUCNILAL
EPSS
0.26%
17.5th percentile
The Community Events WordPress plugin before 1.5 does not have CSRF check in place when deleting events, which could allow attackers to make a logged in admin delete arbitrary events via a CSRF attack
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| community_events_project | community_events | < 1.5 | 1.5 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Suricata
ET EXPLOIT QNAP Shellshock script retrieval
suricata·2014-12-10
CVE-2014-6271 ET EXPLOIT QNAP Shellshock script retrieval
ET EXPLOIT QNAP Shellshock script retrieval
Rule: alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET EXPLOIT QNAP Shellshock script retrieval"; flow:established,to_client; file.data; content:"|2f|share|2f|MD0_DATA|2f|optware|2f|.xpl|2f|"; fast_pattern; content:"unset HISTFIE"; reference:url,www.fireeye.com/blog/threat-research/2014/10/the-shellshock-aftershock-for-nas-administrators.html; reference:url,blogs.akamai.com/2014/09/environment-bashing.html; reference:cve,2014-6271; classtype:attempted-admin; sid:2019905; rev:5; metadata:created_at 2014_12_10, cve CVE_2014_6271, signature_severity Major, updated_at 2024_03_14;)
Suricata
ET EXPLOIT Possible Postfix CVE-2014-6271 attempt
suricata·2014-10-10·CVSS 9.8
CVE-2014-6271 [CRITICAL] ET EXPLOIT Possible Postfix CVE-2014-6271 attempt
ET EXPLOIT Possible Postfix CVE-2014-6271 attempt
Rule: alert tcp any any -> $HOME_NET [25,587] (msg:"ET EXPLOIT Possible Postfix CVE-2014-6271 attempt"; flow:established,to_server; content:"|28 29 20 7b|"; fast_pattern; pcre:"/^[a-z-]+\s*?\x3a\s*?[^\r\n]*?\x28\x29\x20\x7b.*\x3b.*\x7d\s*\x3b(?!=[\r\n])/mi"; reference:url,exploit-db.com/exploits/34896/; reference:cve,2014-6271; classtype:attempted-admin; sid:2019389; rev:6; metadata:created_at 2014_10_10, cve CVE_2014_6271, confidence Medium, signature_severity Major, tag CISA_KEV, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_03_06;)
Suricata
ET EXPLOIT Possible Pure-FTPd CVE-2014-6271 attempt
suricata·2014-10-02·CVSS 9.8
CVE-2014-6271 [CRITICAL] ET EXPLOIT Possible Pure-FTPd CVE-2014-6271 attempt
ET EXPLOIT Possible Pure-FTPd CVE-2014-6271 attempt
Rule: alert tcp any any -> $HOME_NET 21 (msg:"ET EXPLOIT Possible Pure-FTPd CVE-2014-6271 attempt"; flow:established,to_server; content:"|28 29 20 7b 20|"; fast_pattern; reference:url,gist.github.com/jedisct1/88c62ee34e6fa92c31dc; reference:cve,2014-6271; classtype:attempted-admin; sid:2019335; rev:3; metadata:created_at 2014_10_02, cve CVE_2014_6271, confidence Medium, signature_severity Major, tag CISA_KEV, updated_at 2024_03_06;)
Suricata
ET EXPLOIT Possible OpenVPN CVE-2014-6271 attempt
suricata·2014-09-30·CVSS 9.8
CVE-2014-6271 [CRITICAL] ET EXPLOIT Possible OpenVPN CVE-2014-6271 attempt
ET EXPLOIT Possible OpenVPN CVE-2014-6271 attempt
Rule: alert tcp any any -> $HOME_NET 1194 (msg:"ET EXPLOIT Possible OpenVPN CVE-2014-6271 attempt"; flow:established,to_server; content:"|20|"; depth:1; content:"|28 29 20 7b|"; fast_pattern; reference:url,news.ycombinator.com/item?id=8385332; classtype:attempted-admin; sid:2019323; rev:4; metadata:created_at 2014_09_30, cve CVE_2014_6271, confidence Medium, signature_severity Major, tag CISA_KEV, updated_at 2024_03_06;)
Suricata
ET EXPLOIT Possible Qmail CVE-2014-6271 Mail From attempt
suricata·2014-09-29·CVSS 9.8
CVE-2014-6271 [CRITICAL] ET EXPLOIT Possible Qmail CVE-2014-6271 Mail From attempt
ET EXPLOIT Possible Qmail CVE-2014-6271 Mail From attempt
Rule: alert tcp any any -> $HOME_NET [25,587] (msg:"ET EXPLOIT Possible Qmail CVE-2014-6271 Mail From attempt"; flow:established,to_server; content:"|28 29 20 7b|"; fast_pattern; pcre:"/^mail\s*?from\s*?\x3a\s*?[^\r\n]*?\x28\x29\x20\x7b/mi"; reference:url,marc.info/?l=qmail&m=141183309314366&w=2; classtype:attempted-admin; sid:2019293; rev:4; metadata:created_at 2014_09_29, cve CVE_2014_6271, confidence Medium, signature_severity Major, tag CISA_KEV, updated_at 2024_03_06;)
Suricata
ET WEB_SERVER CVE-2014-6271 Attempt In HTTP Headers Line Continuation Evasion CRLF
suricata·2014-09-28·CVSS 9.8
CVE-2014-6271 [CRITICAL] ET WEB_SERVER CVE-2014-6271 Attempt In HTTP Headers Line Continuation Evasion CRLF
ET WEB_SERVER CVE-2014-6271 Attempt In HTTP Headers Line Continuation Evasion CRLF
Rule: alert http any any -> $HTTP_SERVERS any (msg:"ET WEB_SERVER CVE-2014-6271 Attempt In HTTP Headers Line Continuation Evasion CRLF"; flow:established,to_server; http.header; content:"|28 29 0d 0a 20 7b|"; fast_pattern; reference:url,www.invisiblethreat.ca/2014/09/cve-2014-6271/; classtype:attempted-admin; sid:2019292; rev:6; metadata:created_at 2014_09_28, cve CVE_2014_6271, confidence Medium, signature_severity Major, tag CISA_KEV, updated_at 2024_04_07;)
Suricata
ET WEB_SERVER CVE-2014-6271 Attempt In HTTP Headers Line Continuation Evasion LF
suricata·2014-09-28·CVSS 9.8
CVE-2014-6271 [CRITICAL] ET WEB_SERVER CVE-2014-6271 Attempt In HTTP Headers Line Continuation Evasion LF
ET WEB_SERVER CVE-2014-6271 Attempt In HTTP Headers Line Continuation Evasion LF
Rule: alert http any any -> $HTTP_SERVERS any (msg:"ET WEB_SERVER CVE-2014-6271 Attempt In HTTP Headers Line Continuation Evasion LF"; flow:established,to_server; http.header; content:"|28 29 0a 20 7b|"; fast_pattern; reference:url,www.invisiblethreat.ca/2014/09/cve-2014-6271/; classtype:attempted-admin; sid:2019291; rev:5; metadata:created_at 2014_09_28, cve CVE_2014_6271, signature_severity Major, tag CISA_KEV, updated_at 2024_04_07;)
Suricata
ET EXPLOIT Possible CVE-2014-6271 Attempt Against SIP Proxy
suricata·2014-09-27·CVSS 9.8
CVE-2014-6271 [CRITICAL] ET EXPLOIT Possible CVE-2014-6271 Attempt Against SIP Proxy
ET EXPLOIT Possible CVE-2014-6271 Attempt Against SIP Proxy
Rule: alert tcp any any -> $HOME_NET [5060,5061] (msg:"ET EXPLOIT Possible CVE-2014-6271 Attempt Against SIP Proxy"; flow:established,to_server; content:"|28 29 20 7b|"; fast_pattern; reference:url,github.com/zaf/sipshock; classtype:attempted-admin; sid:2019290; rev:4; metadata:created_at 2014_09_27, cve CVE_2014_6271, confidence Medium, signature_severity Major, tag CISA_KEV, updated_at 2024_03_06;)
Suricata
ET WEB_SERVER Possible CVE-2014-6271 Attempt in Headers
suricata·2014-09-25·CVSS 9.8
CVE-2014-6271 [CRITICAL] ET WEB_SERVER Possible CVE-2014-6271 Attempt in Headers
ET WEB_SERVER Possible CVE-2014-6271 Attempt in Headers
Rule: alert http any any -> $HTTP_SERVERS any (msg:"ET WEB_SERVER Possible CVE-2014-6271 Attempt in Headers"; flow:established,to_server; http.header; content:"|28 29 20 7b|"; fast_pattern; content:"bash|20 2d|c"; reference:url,blogs.akamai.com/2014/09/environment-bashing.html; classtype:attempted-admin; sid:2019232; rev:7; metadata:created_at 2014_09_25, cve CVE_2014_6271, confidence Medium, signature_severity Major, tag CISA_KEV, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2021_11_03, reviewed_at 2024_03_06;)
Suricata
ET WEB_SERVER Possible CVE-2014-6271 Attempt in Client Body
suricata·2014-09-25·CVSS 9.8
CVE-2014-6271 [CRITICAL] ET WEB_SERVER Possible CVE-2014-6271 Attempt in Client Body
ET WEB_SERVER Possible CVE-2014-6271 Attempt in Client Body
Rule: alert http any any -> $HTTP_SERVERS any (msg:"ET WEB_SERVER Possible CVE-2014-6271 Attempt in Client Body"; flow:established,to_server; http.request_body; content:"|28 29 20 7b|"; fast_pattern; pcre:"/(?:^|[=?&])\s*?\x28\x29\x20\x7b/"; reference:url,blogs.akamai.com/2014/09/environment-bashing.html; classtype:attempted-admin; sid:2019233; rev:7; metadata:created_at 2014_09_25, cve CVE_2014_6271, confidence Medium, signature_severity Major, tag CISA_KEV, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2020_11_19, reviewed_at 2024_03_06;)
No public exploits indexed.
No writeups or analysis indexed.
2024-07-22
Published