New Filters:

44410: TCP: Zabbix Audit Log SQL Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a SQL Injection vulnerability in Zabbix Audit Log.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify)
- References:
  - Common Vulnerabilities and Exposures: CVE-2024-22120 CVSS 8.2
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: TCP (Generic)
- Platform: Multi-Platform Server Application or Service
- Release Date: July 02, 2024

44434: HTTP: Microsoft Exchange PowerShell MultiValuedProperty Insecure Deserialization Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Exploits
- Severity: High
- Description: This filter protects against exploitation of an insecure deserialization vulnerability affecting Microsoft Exchange Server.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify)
- References:
  - Common Vulnerabilities and Exposures: CVE-2023-21529
- Classification: Vulnerability - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: July 02, 2024

44443: HTTP: Jaspersoft JasperReports Directory Traversal Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a directory traversal vulnerability in Jaspersoft JasperReports.
- Deployments:
  - Deployment: Default (Block / Notify)
- References:
  - Common Vulnerabilities and Exposures: CVE-2018-5430
- Classification: Vulnerability - Other
- Protocol: HTTP
- Platform: Other Server Application or Service
- Release Date: July 02, 2024

44444: HTTP: SAP NetWeaver As Java SQL Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: High
- Description: This filter detects an attempt to exploit a SQL Injection vulnerability in SAP NetWeaver As Java.
- Deployments:
  - Deployment: Default (Block / Notify)
- References:
  - Common Vulnerabilities and Exposures: CVE-2016-2386
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: July 02, 2024

44445: HTTP: Zimbra Collaboration Suite getAttachmentLinkHtml Cross-site Scripting Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a cross-site scripting vulnerability in Zimbra Collaboration.
- Deployment: Not enabled by default in any deployment.
- References:
  - Common Vulnerabilities and Exposures: CVE-2018-6882 CVSS 4.3
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Client Application
- Release Date: July 02, 2024

44446: SMTP: Zimbra Collaboration Suite Amavis Arbitrary File Upload Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Exploits
- Severity: Critical
- Description: This filter detects an attempt to exploit an arbitrary file upload vulnerability in Zimbra Collaboration Suite.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify)
- References:
  - Common Vulnerabilities and Exposures: CVE-2022-41352 CVSS 9.8
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: SMTP
- Platform: UNIX/Linux Server Application or Service
- Release Date: July 02, 2024

44447: TCP: Lodash Template Function Command Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a command injection vulnerability in Lodash.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify)
- References:
  - Common Vulnerabilities and Exposures: CVE-2021-23337
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: TCP (Generic)
- Platform: Multi-Platform Server Application or Service
- Release Date: July 02, 2024

44448: HTTP: Fuel CMS col SQL Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a code injection vulnerability in Fuel CMS.
- Deployments:
  - Deployment: Default (Block / Notify)
- References:
  - Common Vulnerabilities and Exposures: CVE-2020-17463 CVSS 7.5
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: July 02, 2024

44449: HTTP: MOVEit Transfer Authentication Bypass Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit an authentication bypass vulnerability in MOVEit Transfer.
- Deployments:
  - Deployment: Default (Block / Notify)
- References:
  - Common Vulnerabilities and Exposures: CVE-2024-5806
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: July 02, 2024

44452: HTTP: Apache OFBiz Directory Traversal Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a directory traversal vulnerability in Apache OFBiz.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify)
- References:
  - Common Vulnerabilities and Exposures: CVE-2024-32113
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: July 02, 2024

44457: HTTP: PlaySMS index.php Unauthenticated Template Injection Code Execution Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a template injection vulnerability in PlaySMS.
- Deployments:
  - Deployment: Default (Block / Notify)
- References:
  - Common Vulnerabilities and Exposures: CVE-2020-8644
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: July 02, 2024

Modified Filters (logic changes):

* = Enabled in Default deployments

24705: TCP: ysoserial Java Deserialization Tool Usage (ZDI-17-953)
- IPS Version: 3.1.3 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: July 05, 2016
- Last Modified Date: July 02, 2024

40990: HTTP: Advantech iView setConfiguration column_value SQL Injection Vulnerability (ZDI-22-911,24-610)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Detection logic updated.
- Release Date: March 15, 2022
- Last Modified Date: July 02, 2024

* 42634: HTTP: PaperCut NG print.script.sandboxed Exposed Dangerous Function Vulnerability (ZDI-24-786)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "42634: ZDI-CAN-20965: Zero Day Initiative Vulnerability (Papercut NG)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: April 25, 2023
- Last Modified Date: July 02, 2024

* 43786: HTTP: PaperCut NG PrintDeployProxyController Authentication Bypass Vulnerability (ZDI-24-782)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43786: ZDI-CAN-22812: Zero Day Initiative Vulnerability (Papercut NG)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: February 13, 2024
- Last Modified Date: July 02, 2024

* 43927: HTTP: PaperCut MF handleServiceException Cross-Site Scripting Vulnerability (ZDI-24-784)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43927: ZDI-CAN-23254: Zero Day Initiative Vulnerability (Papercut NG)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: March 05, 2024
- Last Modified Date: July 02, 2024

* 43950: HTTP: PaperCut MF EmailRenderer Server-Side Template Injection Vulnerability (ZDI-24-785)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43950: ZDI-CAN-23481: Zero Day Initiative Vulnerability (Papercut MF)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: March 12, 2024
- Last Modified Date: July 02, 2024

43962: HTTP: Delta Electronics CNCSoft-G2 DOPSoft ALM Buffer Overflow Vulnerability (ZDI-24-653,656,657)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43962: ZDI-CAN-23045,23046,23068: Zero Day Initiative Vulnerability (Delta Electronics CNCSoft-G2)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: March 12, 2024
- Last Modified Date: July 02, 2024

* 44400: HTTP: XAMPP PHP CGI Module Command Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Detection logic updated.
- Release Date: June 18, 2024
- Last Modified Date: July 02, 2024

Modified Filters (metadata changes only):

* = Enabled in Default deployments

5349: MS-RPC: Samba RPC Heap Overflow (ZDI-07-033)
- IPS Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Miscellaneous modification.
- Release Date: May 14, 2007
- Last Modified Date: July 02, 2024

35086: HTTP: Suspicious Proxy Access (ATT&CK T1090)
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Miscellaneous modification.
- Release Date: April 30, 2019
- Last Modified Date: July 02, 2024

37366: HTTP: EyesOfNetwork Administrative Account Creation
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Release Date: March 24, 2020
- Last Modified Date: July 02, 2024

* 40026: HTTP: PaperCut NG Upload Link Vulnerability (ZDI-24-780)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "40026: ZDI-CAN-23074: Zero Day Initiative Vulnerability (Papercut NG)".
- Severity changed from "Critical" to "High".
- Description updated.
- Vulnerability references updated.
- Release Date: February 13, 2024
- Last Modified Date: July 02, 2024

* 40065: HTTP: PaperCut NG generateNextFileName Directory Traversal Vulnerability (ZDI-24-781)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "40065: ZDI-CAN-22328: Zero Day Initiative Vulnerability (Papercut NG)".
- Description updated.
- Vulnerability references updated.
- Release Date: February 13, 2024
- Last Modified Date: July 02, 2024

42344: HTTP: GoAnywhere MFT License Servlet Usage
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Vulnerability references updated.
- Release Date: February 14, 2023
- Last Modified Date: July 02, 2024

42590: HTTP: Suspicious HTTP Request Containing NodeJS Command Execution
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Description updated.
- Vulnerability references updated.
- Release Date: April 11, 2023
- Last Modified Date: July 02, 2024

42600: SLP: Service Location Protocol Registration Request
- IPS Version: 3.6.2 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Vulnerability references updated.
- Release Date: April 11, 2023
- Last Modified Date: July 02, 2024

42604: SLP: Service Location Protocol Abnormal Service Type Reply
- IPS Version: 3.6.2 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Vulnerability references updated.
- Release Date: April 11, 2023
- Last Modified Date: July 02, 2024

43581: HTTP: Hewlett Packard Enterprise OneView Authentication Bypass Vulnerability (ZDI-24-811)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43581: ZDI-CAN-22455: Zero Day Initiative Vulnerability (Hewlett Packard Enterprise OneView)".
- Description updated.
- Vulnerability references updated.
- Release Date: December 26, 2023
- Last Modified Date: July 02, 2024

43582: HTTP: Hewlett Packard Enterprise OneView Command Injection Vulnerability (ZDI-24-810)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43582: ZDI-CAN-22454: Zero Day Initiative Vulnerability (Hewlett Packard Enterprise OneView)".
- Description updated.
- Vulnerability references updated.
- Release Date: December 26, 2023
- Last Modified Date: July 02, 2024

43585: HTTP: Ivanti Avalanche getAdhocFilePath Directory Traversal Vulnerability (ZDI-24-382)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Description updated.
- Release Date: January 02, 2024
- Last Modified Date: July 02, 2024

43883: HTTP: Delta Electronics CNCSoft-G2 DOPSoft DPAX Buffer Overflow Vulnerability (ZDI-24-625)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43883: ZDI-CAN-23141: Zero Day Initiative Vulnerability (Delta Electronics CNCSoft-G2)".
- Description updated.
- Vulnerability references updated.
- Release Date: February 20, 2024
- Last Modified Date: July 02, 2024

43884: HTTP: Delta Electronics CNCSoft-G2 DOPSoft DPAX Buffer Overflow Vulnerability (ZDI-24-624)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43884: ZDI-CAN-23144: Zero Day Initiative Vulnerability (Delta Electronics CNCSoft-G2)".
- Description updated.
- Vulnerability references updated.
- Release Date: February 20, 2024
- Last Modified Date: July 02, 2024

43966: HTTP: Delta Electronics CNCSoft-G2 DOPSoft DPAX Buffer Overflow Vulnerability (ZDI-24-642)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43966: ZDI-CAN-23168: Zero Day Initiative Vulnerability (Delta Electronics CNCSoft-G2)".
- Description updated.
- Vulnerability references updated.
- Release Date: March 12, 2024
- Last Modified Date: July 02, 2024

44403: HTTP: Logsign Unified SecOps Platform Command Injection Vulnerability (ZDI-24-617)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44403: ZDI-CAN-24165: Zero Day Initiative Vulnerability (Logsign Unified SecOps Platform)".
- Description updated.
- Vulnerability references updated.
- Release Date: June 18, 2024
- Last Modified Date: July 02, 2024

44405: HTTP: Logsign Unified SecOps Platform Missing Authentication Vulnerability (ZDI-24-618)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44405: ZDI-CAN-24166: Zero Day Initiative Vulnerability (Logsign Unified SecOps Platform)".
- Description updated.
- Vulnerability references updated.
- Release Date: June 18, 2024
- Last Modified Date: July 02, 2024

44406: HTTP: Logsign Unified SecOps Platform Command Injection Vulnerability (ZDI-24-619)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44406: ZDI-CAN-24167: Zero Day Initiative Vulnerability (Logsign Unified SecOps Platform)".
- Description updated.
- Vulnerability references updated.
- Release Date: June 18, 2024
- Last Modified Date: July 02, 2024

44407: HTTP: Logsign Unified SecOps Platform Command Injection Vulnerability (ZDI-24-613)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44407: ZDI-CAN-24168: Zero Day Initiative Vulnerability (Logsign Unified SecOps Platform)".
- Description updated.
- Vulnerability references updated.
- Release Date: June 18, 2024
- Last Modified Date: July 02, 2024

Removed Filters: None