New Filters:
42922: HTTP: Contec CONPROSYS HMI System Stored Cross-Site Scripting Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a stored cross-site scripting vulnerability in Contec CONPROSYS HMI System.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2023-28651 CVSS 8.6
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: July 18, 2023
42926: HTTP: SolarView Compact conf_mail.php Command Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a command injection vulnerability in SolarView Compact.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2022-29303 CVSS 9.8
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Other Server Application or Service
- Release Date: July 18, 2023
42927: HTTP: Nortek Linear eMerge E3-Series Command Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a command injection vulnerability in Nortek Linear eMerge E3-Series.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2022-31499 CVSS 9.8
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Other Server Application or Service
- Release Date: July 18, 2023
42928: HTTP: APSystems ECU-R version 5203 timezone Command Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a command injection vulnerability in APSystems ECU-R version 5203.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2022-45699 CVSS 9.8
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Other Server Application or Service
- Release Date: July 18, 2023
42942: HTTP: WordPress Beautiful Cookie Consent Banner Plugin Cross-Site Scripting Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a cross-site scripting vulnerability in WordPress plugin Beautiful Cookie Consent Banner.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2023-3388
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: July 18, 2023
42943: HTTP: Jenkins File Parameter Plugin StashedFileParameterValue Arbitrary File Write Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit an arbitrary file write vulnerability in Jenkins File Parameter Plugin.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2023-32986 CVSS 8.9
- Classification: Vulnerability - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: July 18, 2023
42946: DNS: Interact.sh Standard Request
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Security Policy
- Severity: Low
- Description: This filter detects DNS queries to the following domains: oast.live, oast.fun, oast.me, oast.site, oast.online, and interact.sh.
- Deployment: Not enabled by default in any deployment.
- Classification: Security Policy - Other
- Protocol: DNS
- Platform: Multi-Platform Client Application
- Release Date: July 18, 2023
42951: ZDI-CAN-21292: Zero Day Initiative Vulnerability (Foxit PDF Reader)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against exploitation of a zero-day vulnerability affecting Foxit PDF Reader.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: July 18, 2023
42952: ZDI-CAN-21326: Zero Day Initiative Vulnerability (Foxit PDF Reader)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against exploitation of a zero-day vulnerability affecting Foxit PDF Reader.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: July 18, 2023
42954: HTTP: Adobe ColdFusion Security Bypass Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: High
- Description: This filter detects an attempt to exploit a security bypass vulnerability in Adobe ColdFusion.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2023-29301
- Classification: Vulnerability - Access Validation
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: July 18, 2023
42955: HTTP: Adobe ColdFusion Improper Access Control Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: High
- Description: This filter detects an attempt to exploit an improper access control vulnerability in Adobe ColdFusion.
- Deployments:
- Deployment: Default (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2023-29298
- Classification: Vulnerability - Access Validation
- Protocol: HTTP
- Platform: Multi-Platform Client Application
- Release Date: July 18, 2023
42956: HTTP: TerraMaster TOS fileDownload Usage
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Security Policy
- Severity: Moderate
- Description: This filter detects usage of the fileDownload endpoint with an arbitrary path in TerraMaster TOS products.
- Deployment: Not enabled by default in any deployment.
- References:
- Common Vulnerabilities and Exposures: CVE-2021-45841
- Classification: Security Policy - Forbidden Application Access or Service Request
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: July 18, 2023
42957: HTTP: Roundcube Webmail rcube_image.php Command Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a command injection vulnerability in Roundcube Webmail.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2020-12641
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: July 18, 2023
42958: HTTP: GStreamer FLAC File Parsing Integer Overflow Vulnerability (ZDI-23-903)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit an integer overflow vulnerability in GStreamer.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2023-37327
- Zero Day Initiative: ZDI-23-903
- Classification: Vulnerability - Buffer/Heap Overflow
- Protocol: HTTP
- Platform: UNIX/Linux Client Application
- Release Date: July 18, 2023
42959: ZDI-CAN-21109: Zero Day Initiative Vulnerability (Siemens Tecnomatix Plant Simulation)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Siemens Tecnomatix Plant Simulation.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: July 18, 2023
42960: ZDI-CAN-21138: Zero Day Initiative Vulnerability (Siemens Tecnomatix Plant Simulation)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Siemens Tecnomatix Plant Simulation.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: July 18, 2023
42961: ZDI-CAN-21155: Zero Day Initiative Vulnerability (Siemens Tecnomatix Plant Simulation)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Siemens Tecnomatix Plant Simulation.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: July 18, 2023
42964: HTTP: TerraMaster TOS index.php Command Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a command injection vulnerability in TerraMaster TOS products.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2021-45837
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: July 18, 2023
42965: HTTP: Suspicious iframe Using a Local File Handler Detected
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Security Policy
- Severity: Moderate
- Description: This filter detects a suspicious iframe element using a local file handler in HTTP traffic.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2023-36884
- Classification: Security Policy - Other
- Protocol: HTTP
- Platform: Other Server Application or Service
- Release Date: July 18, 2023
42974: ZDI-CAN-21263: Zero Day Initiative Vulnerability (Siemens Simcenter Femap)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against exploitation of a zero-day vulnerability affecting Siemens Simcenter Femap.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: July 18, 2023
42975: ZDI-CAN-21266: Zero Day Initiative Vulnerability (Siemens Simcenter Femap)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against exploitation of a zero-day vulnerability affecting Siemens Simcenter Femap.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: July 18, 2023
42977: TCP: Redis SCAN KEYS command Denial-of-Service Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a denial-of-service vulnerability in Redis.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Performance-Optimized (Disabled)
- References:
- Common Vulnerabilities and Exposures: CVE-2022-36021 CVSS 5.7
- Classification: Vulnerability - Denial of Service (Crash/Reboot)
- Protocol: TCP (Generic)
- Platform: UNIX/Linux Server Application or Service
- Release Date: July 18, 2023
42982: HTTP: Avaya Aura Devices Security Bypass Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a security bypass vulnerability in Avaya Aura devices.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: July 18, 2023
Modified Filters (logic changes):
* = Enabled in Default deployments
* 9256: HTTP: HP OpenView Performance Insight Server Code Execution Vulnerability (ZDI-11-034)
- IPS Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.
- Release Date: February 08, 2011
- Last Modified Date: July 18, 2023
* 16505: DNS: PHP php_parserr DNS TXT Record Buffer Overflow Vulnerability
- IPS Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.
- Release Date: August 04, 2014
- Last Modified Date: July 18, 2023
37943: HTTP: D-Link Multiple Products HNAP Authentication Bypass Vulnerability (ZDI-20-1437,ZDI-23-544)
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "37943: HTTP: D-Link Multiple Products HNAP Authentication Bypass Vulnerability (ZDI-20-1437,23-544)".
- Detection logic updated.
- Vulnerability references updated.
- Release Date: August 11, 2020
- Last Modified Date: July 18, 2023
41777: HTTP: Atlassian Bitbucket Server and Data Center Command Execution Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Detection logic updated.
- Release Date: September 27, 2022
- Last Modified Date: July 18, 2023
42207: AMQP: SolarWinds Network Performance Monitor Insecure Deserialization Vulnerability (ZDI-23-213)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Detection logic updated.
- Release Date: January 24, 2023
- Last Modified Date: July 18, 2023
42545: HTTP: Schneider Electric IGSS DashBoard.exe Unvalidated String Usage (ZDI-23-334,ZDI-23-889)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: April 04, 2023
- Last Modified Date: July 18, 2023
* 42711: HTTP: Trend Micro Mobile Security Server File Deletion Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: May 16, 2023
- Last Modified Date: July 18, 2023
* 42889: HTTP: JetBrains TeamCity NuGet Feed/Commit Status Page Stored Cross-Site Scripting Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "42889: HTTP: JetBrains TeamCity NuGet Feed Page Stored Cross-Site Scripting Vulnerability".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: July 04, 2023
- Last Modified Date: July 18, 2023
Modified Filters (metadata changes only):
* = Enabled in Default deployments
1125: HTTP: ../.. Directory Traversal
- IPS Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Vulnerability references updated.
- Release Date: December 31, 2005
- Last Modified Date: July 18, 2023
* 42884: HTTP: JetBrains TeamCity NuGet Feed/Commit Status Page Stored Cross-Site Scripting Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "42884: HTTP: JetBrains TeamCity NuGet Feed Page Stored Cross-Site Scripting Vulnerability".
- Description updated.
- Vulnerability references updated.
- Release Date: July 04, 2023
- Last Modified Date: July 18, 2023
* 42885: HTTP: JetBrains TeamCity NuGet Feed/Commit Status Page Stored Cross-Site Scripting Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "42885: HTTP: JetBrains TeamCity NuGet Feed Page Stored Cross-Site Scripting Vulnerability".
- Description updated.
- Vulnerability references updated.
- Release Date: July 04, 2023
- Last Modified Date: July 18, 2023
Removed Filters:
16684: TCP: Miras Malware Communication Attempt
- IPS Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Release Date: September 02, 2014
- Last Modified Date: February 14, 2017