New Filters:
43345: HTTP: mySCADA myPRO Command Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a command injection vulnerability in mySCADA myPRO.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2023-28384 CVSS 8.6
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: October 24, 2023
43354: HTTP: PaperCut NG FileUploadAuthenticationFilter Authentication Bypass Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit an authentication bypass vulnerability in PaperCut NG.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2023-3486 CVSS 6.7
- Classification: Vulnerability - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: October 24, 2023
43355: HTTP: Dolibarr ERP and CRM Database Backup Command Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a command injection vulnerability in Dolibarr ERP and CRM.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2023-38886 CVSS 6.5
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: October 24, 2023
43361: HTTP: win.ini File Access
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Security Policy
- Severity: Low
- Description: This filter detects an attempt to access the file win.ini over HTTP.
- Deployment: Not enabled by default in any deployment.
- Classification: Security Policy - Forbidden Application Access or Service Request
- Protocol: HTTP
- Platform: Windows Client Application
- Release Date: October 24, 2023
43362: HTTP: HP SiteScope SOAP Call APIPreferenceImpl Multiple Security Bypass Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Exploits
- Severity: High
- Description: This filter detects requests by unauthenticated clients to update login credentials for arbitrary users in HP SiteScope.
- Deployments:
- Deployment: Default (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2012-3261 CVSS 10.0
- Classification: Vulnerability - Access Validation
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: October 24, 2023
43363: TCP: Suspicious HP Data Protector CRS Response
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Security Policy
- Severity: Moderate
- Description: This filter detects a suspicious response to an HP Data Protector CRS request.
- Deployment: Not enabled by default in any deployment.
- References:
- Common Vulnerabilities and Exposures: CVE-2013-6195 CVSS 10.0
- Classification: Security Policy - Other
- Protocol: TCP (Generic)
- Platform: Multi-Platform Server Application or Service
- Release Date: October 24, 2023
43364: ZDI-CAN-22079: Zero Day Initiative Vulnerability (Microsoft Exchange)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against exploitation of a zero-day vulnerability affecting Microsoft Exchange.
- Deployments:
- Deployment: Default (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: October 24, 2023
43366: ZDI-CAN-21447: Zero Day Initiative Vulnerability (Trend Micro Apex Central)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against exploitation of a zero-day vulnerability affecting Trend Micro Apex Central.
- Deployments:
- Deployment: Default (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: October 24, 2023
43367: ZDI-CAN-21495: Zero Day Initiative Vulnerability (Trend Micro InterScan Web Security)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against exploitation of a zero-day vulnerability affecting Trend Micro InterScan Web Security Virtual Appliance.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: October 24, 2023
43368: ZDI-CAN-21539: Zero Day Initiative Vulnerability (Sante PACS Server)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against exploitation of a zero-day vulnerability affecting Sante PACS Server.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: October 24, 2023
43369: ZDI-CAN-21953: Zero Day Initiative Vulnerability (Ivanti Avalanche)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Ivanti Avalanche.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: October 24, 2023
43379: ZDI-CAN-21954: Zero Day Initiative Vulnerability (Arista NG Firewall)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Arista NG Firewall.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: October 24, 2023
43380: ZDI-CAN-22102: Zero Day Initiative Vulnerability (Microsoft Exchange)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against exploitation of a zero-day vulnerability affecting Microsoft Exchange.
- Deployments:
- Deployment: Default (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: October 24, 2023
43381: ZDI-CAN-22127: Zero Day Initiative Vulnerability (Inductive Automation Ignition)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against exploitation of a zero-day vulnerability affecting Inductive Automation Ignition.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: October 24, 2023
Modified Filters (logic changes):
* = Enabled in Default deployments
* 12705: SMB: Microsoft Remote Administration Protocol Stack Buffer Overflow Vulnerability
- IPS Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
- Release Date: January 15, 2013
- Last Modified Date: October 24, 2023
* 12840: SMB: Microsoft Remote Administration Protocol Heap Buffer Overflow Vulnerability
- IPS Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
- Release Date: March 19, 2013
- Last Modified Date: October 24, 2023
13761: HTTP: HP OpenView Performance Agent Multiple Opcodes Communication
- IPS Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.
- Release Date: April 01, 2014
- Last Modified Date: October 24, 2023
13990: TCP: HP Data Protector Multiple Opcodes Parsing Code Execution Vulnerability (ZDI-14-002)
- IPS Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.
- Release Date: July 01, 2014
- Last Modified Date: October 24, 2023
13999: TCP: HP Data Protector Opcode Parsing Directory Traversal Vulnerability (ZDI-14-003)
- IPS Version: 3.9.5 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "13999: TCP: HP Data Protector Opcode Parsing Directory Traversal (ZDI-14-003)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Deployments updated and are now:
- Deployment: Security-Optimized (Block / Notify)
- Release Date: May 27, 2014
- Last Modified Date: October 24, 2023
17160: TCP: HP LeftHand Virtual SAN Appliance Hydra Login Buffer Overflow Vulnerability (ZDI-13-179)
- IPS Version: 3.1.3 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: May 19, 2015
- Last Modified Date: October 24, 2023
19225: TCP: Realtek miniigd Command Injection Vulnerability (ZDI-15-155)
- IPS Version: 3.1.3 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "19225: UPnP: Realtek miniigd Command Injection Vulnerability (ZDI-15-155)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: January 06, 2015
- Last Modified Date: October 24, 2023
28093: SCTP: Linux Kernel SCTP sctp_sf_ootb Out-of-Bounds Read Vulnerability
- IPS Version: 3.1.3 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
- Release Date: May 09, 2017
- Last Modified Date: October 24, 2023
29892: TCP: Adobe ColdFusion RMI Registry Insecure Deserialization Vulnerability
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.
- Release Date: January 16, 2018
- Last Modified Date: October 24, 2023
41866: HTTP: D-Link DAP-1325 SetAPLanSettings Buffer Overflow Vulnerability (ZDI-23-1504,1505,1506)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "41866: ZDI-CAN-18808-18814,18825-18831,18840,18841: Zero Day Initiative Vulnerability (D-Link DAP-1325)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: October 25, 2022
- Last Modified Date: October 24, 2023
41870: HTTP: D-Link DAP-1325 get_value_of_key Stack-based Buffer Overflow Vulnerability (ZDI-23-1503)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "41870: ZDI-CAN-18815-18819,18824: Zero Day Initiative Vulnerability (D-Link DAP-1325)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: October 25, 2022
- Last Modified Date: October 24, 2023
41876: HTTP: D-Link DAP-1325 SetSetupWizardStatus Stack-based Buffer Overflow Vulnerability (ZDI-23-1507)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "41876: ZDI-CAN-18821,18838: Zero Day Initiative Vulnerability (D-Link DAP-1325)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: October 25, 2022
- Last Modified Date: October 24, 2023
42226: HTTP: D-Link D-View uploadMib Directory Traversal Arbitrary Vulnerability (ZDI-23-717,ZDI-23-718)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: January 31, 2023
- Last Modified Date: October 24, 2023
42396: HTTP: NETGEAR ProSAFE Network Management System Unrestricted File Upload Vulnerability (ZDI-23-918)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: February 28, 2023
- Last Modified Date: October 24, 2023
42475: HTTP: LG Simple Editor deleteCheckSession Directory Traversal Vulnerability (ZDI-23-1198)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: March 14, 2023
- Last Modified Date: October 24, 2023
42490: HTTP: LG Simple Editor saveXml Directory Traversal Vulnerability (ZDI-23-1203)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: March 14, 2023
- Last Modified Date: October 24, 2023
42544: HTTP: Microsoft SharePoint Authentication Bypass Vulnerability (Pwn2Own ZDI-23-882)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: April 04, 2023
- Last Modified Date: October 24, 2023
43335: HTTP: HTTP Redirect with Invalid Host Name
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Detection logic updated.
- Release Date: October 17, 2023
- Last Modified Date: October 24, 2023
Modified Filters (metadata changes only):
* = Enabled in Default deployments
41496: HTTP: Delta Industrial Automation DIAEnergie Authentication Bypass Vulnerability (ZDI-22-1453)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Description updated.
- Vulnerability references updated.
- Release Date: July 12, 2022
- Last Modified Date: October 24, 2023
41630: HTTP: Ansys SpaceClaim X_B File Parsing Out-Of-Bounds Write Vulnerability (ZDI-23-1498)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "41630: ZDI-CAN-17827: Zero Day Initiative Vulnerability (Ansys SpaceClaim)".
- Description updated.
- Vulnerability references updated.
- Release Date: August 16, 2022
- Last Modified Date: October 24, 2023
41808: HTTP: A10 Thunder ADC FileMgmtExport Directory Traversal Vulnerability (ZDI-23-1496)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "41808: ZDI-CAN-17905: Zero Day Initiative Vulnerability (A10 Thunder ADC)".
- Description updated.
- Vulnerability references updated.
- Release Date: October 04, 2022
- Last Modified Date: October 24, 2023
42261: HTTP: D-Link DAP-2622 Telnet CLI Command Injection Vulnerability (ZDI-23-1514)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "42261: ZDI-CAN-20051: Zero Day Initiative Vulnerability (D-Link DAP-2622)".
- Description updated.
- Vulnerability references updated.
- Release Date: February 07, 2023
- Last Modified Date: October 24, 2023
42425: TCP: Inductive Automation Ignition OPC UA Cross-Site Scripting Vulnerability (Pwn2Own ZDI-23-1012)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Description updated.
- Vulnerability references updated.
- Release Date: March 07, 2023
- Last Modified Date: October 24, 2023
43097: HTTP: Citrix ShareFile Storage Zones Controller ProcessRawPostedFile Directory Traversal
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Miscellaneous modification.
- Release Date: August 08, 2023
- Last Modified Date: October 24, 2023
Removed Filters: None