cscli appsec-rules install crowdsecurity/vpatch-CVE-2022-46169
1name: crowdsecurity/vpatch-CVE-2022-461692description: "Cacti RCE (CVE-2022-46169)"3rules:4 - and:5 - zones:6 - URI7 transform:8 - lowercase9 match:10 type: endsWith11 value: /remote_agent.php12 - zones:13 - ARGS14 variables:15 - poller_id16 match:17 type: regex18 value: "[^a-zA-Z0-9_]"1920labels:21 type: exploit22 service: http23 confidence: 324 spoofable: 025 behavior: "http:exploit"26 label: "Cacti <=1.2.22 - RCE"27 classification:28 - cve.CVE-2022-4616929 - attack.T159530 - attack.T119031 - cwe.CWE-7432 - cwe.CWE-7733 - cwe.CWE-7834 - cwe.CWE-863