New Filters:
43201: HTTP: RARLAB WinRAR File Extension Spoofing Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: High
- Description: The filter detects an attempt to exploit an extension spoofing vulnerability in RARLAB WinRAR.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2023-38831
- Classification: Vulnerability - Other
- Protocol: HTTP
- Platform: Other Client Application
- Release Date: September 19, 2023
43233: HTTP: WordPress Kadence Blocks Plugin Advanced Form Unrestricted File Upload Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a file upload vulnerability in WordPress Kadence Blocks Plugin.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- Classification: Vulnerability - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: September 19, 2023
43235: HTTP: LibreNMS Ports outages.inc.php Reflected Cross-Site Scripting Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a reflected cross-site scripting vulnerability in LibreNMS.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2023-4347 CVSS 8.3
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: September 19, 2023
43244: ZDI-CAN-22013: Zero Day Initiative Vulnerability (Delta Electronics Infrasuite Device Master)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Delta Electronics Infrasuite Device Master.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: September 19, 2023
43246: HTTP: Foxit Studio Photo PSD File Parsing Out-Of-Bounds Write Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Exploits
- Severity: Critical
- Description: This filter detects an attempt to exploit an out-of-bounds write vulnerability in Foxit Studio Photo.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2020-8878
- Classification: Vulnerability - Other
- Protocol: HTTP
- Platform: Multi-Platform Client Application
- Release Date: September 19, 2023
43247: HTTP: Suspicious LG Simple Editor XML Request (ZDI-23-1210,1211)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Security Policy
- Severity: Moderate
- Description: This filter detects a suspicious HTTP request containing the copyContent command.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2023-40506 CVSS 7.5, CVE-2023-40507 CVSS 7.5
- Zero Day Initiative: ZDI-23-1210, ZDI-23-1211
- Classification: Security Policy - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: September 19, 2023
43248: TCP: Kerberos Kadmind Sun-RPC Modify Principal
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Security Policy
- Severity: Moderate
- Description: This filter detects a Modify Principal request over Kerberos Kadmind Sun-RPC.
- Deployment: Not enabled by default in any deployment.
- References:
- Common Vulnerabilities and Exposures: CVE-2016-3119
- Classification: Security Policy - Forbidden Application Access or Service Request
- Protocol: MS-RPC
- Platform: Windows Server Application or Service
- Release Date: September 19, 2023
43249: HTTP: mySCADA myPRO Command Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a command injection vulnerability in mySCADA myPRO.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2023-28716 CVSS 8.6
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: September 19, 2023
43250: HTTP: VISAM VBASE Automation Base WebRemote External Entity Injection Vulnerability (ZDI-23-1037)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit an external entity processing vulnerability in VISAM VBASE Automation Base.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2022-46286 CVSS 6.4
- Zero Day Initiative: ZDI-23-1037
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Windows Server Application or Service
- Release Date: September 19, 2023
43251: HTTP: VISAM VBASE Automation Base GestureConfigurations External Entity Injection (ZDI-23-1043)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit an external entity processing vulnerability in VISAM VBASE Automation Base.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2022-46300 CVSS 6.4
- Zero Day Initiative: ZDI-23-1043
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Windows Server Application or Service
- Release Date: September 19, 2023
43252: HTTP: VMware Aria Operations for Networks saveFileToDisk Directory Traversal Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a directory traversal vulnerability in VMware Aria Operations for Networks.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2023-20890 CVSS 7.9
- Classification: Vulnerability - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: September 19, 2023
43255: HTTP: Google Chromium V8 SetPropertyWithAccessor Type Confusion Heap Overflow Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Exploits
- Severity: Critical
- Description: This filter detects an attempt to exploit a heap overflow vulnerability in Google Chromium.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2023-2935 CVSS 8.8
- Classification: Vulnerability - Other
- Protocol: HTTP
- Platform: Multi-Platform Client Application
- Release Date: September 19, 2023
43256: HTTP: Foxit Reader and PhantomPDF ConvertToPDF Integer Overflow Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Exploits
- Severity: Critical
- Description: This filter detects an attempt to exploit an integer overflow vulnerability in Foxit Reader.
- Deployments:
- Deployment: Default (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2020-8844
- Classification: Vulnerability - Other
- Protocol: HTTP
- Platform: Multi-Platform Client Application
- Release Date: September 19, 2023
43257: ZDI-CAN-21983: Zero Day Initiative Vulnerability (Microsoft Exchange)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against exploitation of a zero-day vulnerability affecting Microsoft Exchange.
- Deployments:
- Deployment: Default (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: September 19, 2023
Modified Filters (logic changes):
* = Enabled in Default deployments
16296: TLS: GnuTLS Server Hello Response Buffer Overflow Vulnerability
- IPS Version: 3.2.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "16296: HTTPS: GnuTLS Server Hello Response Buffer Overflow Vulnerability".
- Detection logic updated.
- Vulnerability references updated.
- Release Date: June 24, 2014
- Last Modified Date: September 19, 2023
* 19687: DNS: glibc gethostbyname_r Buffer Overflow Vulnerability
- IPS Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.
- Release Date: May 12, 2015
- Last Modified Date: September 19, 2023
24123: HTTP: Apache OpenMeetings ZIP File Path Traversal Vulnerability
- IPS Version: 3.1.3 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: April 19, 2016
- Last Modified Date: September 19, 2023
* 24997: HTTP: Apache Struts URLValidator Denial-of-Service Vulnerability
- IPS Version: 3.1.3 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.
- Release Date: July 19, 2016
- Last Modified Date: September 19, 2023
42652: DNS: Microsoft Windows Server Denial-of-Service Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Detection logic updated.
- Release Date: May 09, 2023
- Last Modified Date: September 19, 2023
42749: HTTP: Foxit Studio Photo PSD File Parsing Out-Of-Bounds Read Vulnerability (ZDI-20-300)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: May 30, 2023
- Last Modified Date: September 19, 2023
43183: HTTP: LibreNMS Ports list.inc.php Reflected Cross-Site Scripting Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Description updated.
- Detection logic updated.
- Release Date: September 05, 2023
- Last Modified Date: September 19, 2023
Modified Filters (metadata changes only):
* = Enabled in Default deployments
42590: HTTP: Suspicious HTTP Request Containing NodeJS Command Execution
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Description updated.
- Vulnerability references updated.
- Release Date: April 11, 2023
- Last Modified Date: September 19, 2023
Removed Filters: None