New Filters:
44410: TCP: Zabbix Audit Log SQL Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a SQL Injection vulnerability in Zabbix Audit Log.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-22120 CVSS 8.2
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: TCP (Generic)
- Platform: Multi-Platform Server Application or Service
- Release Date: July 02, 2024
44434: HTTP: Microsoft Exchange PowerShell MultiValuedProperty Insecure Deserialization Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Exploits
- Severity: High
- Description: This filter protects against exploitation of an insecure deserialization vulnerability affecting Microsoft Exchange Server.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2023-21529
- Classification: Vulnerability - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: July 02, 2024
44443: HTTP: Jaspersoft JasperReports Directory Traversal Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a directory traversal vulnerability in Jaspersoft JasperReports.
- Deployments:
- Deployment: Default (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2018-5430
- Classification: Vulnerability - Other
- Protocol: HTTP
- Platform: Other Server Application or Service
- Release Date: July 02, 2024
44444: HTTP: SAP NetWeaver As Java SQL Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: High
- Description: This filter detects an attempt to exploit a SQL Injection vulnerability in SAP NetWeaver As Java.
- Deployments:
- Deployment: Default (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2016-2386
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: July 02, 2024
44445: HTTP: Zimbra Collaboration Suite getAttachmentLinkHtml Cross-site Scripting Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a cross-site scripting vulnerability in Zimbra Collaboration.
- Deployment: Not enabled by default in any deployment.
- References:
- Common Vulnerabilities and Exposures: CVE-2018-6882 CVSS 4.3
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Client Application
- Release Date: July 02, 2024
44446: SMTP: Zimbra Collaboration Suite Amavis Arbitrary File Upload Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Exploits
- Severity: Critical
- Description: This filter detects an attempt to exploit an arbitrary file upload vulnerability in Zimbra Collaboration Suite.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2022-41352 CVSS 9.8
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: SMTP
- Platform: UNIX/Linux Server Application or Service
- Release Date: July 02, 2024
44447: TCP: Lodash Template Function Command Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a command injection vulnerability in Lodash.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2021-23337
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: TCP (Generic)
- Platform: Multi-Platform Server Application or Service
- Release Date: July 02, 2024
44448: HTTP: Fuel CMS col SQL Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a code injection vulnerability in Fuel CMS.
- Deployments:
- Deployment: Default (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2020-17463 CVSS 7.5
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: July 02, 2024
44449: HTTP: MOVEit Transfer Authentication Bypass Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit an authentication bypass vulnerability in MOVEit Transfer.
- Deployments:
- Deployment: Default (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-5806
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: July 02, 2024
44452: HTTP: Apache OFBiz Directory Traversal Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a directory traversal vulnerability in Apache OFBiz.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-32113
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: July 02, 2024
44457: HTTP: PlaySMS index.php Unauthenticated Template Injection Code Execution Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a template injection vulnerability in PlaySMS.
- Deployments:
- Deployment: Default (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2020-8644
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: July 02, 2024
Modified Filters (logic changes):
* = Enabled in Default deployments
24705: TCP: ysoserial Java Deserialization Tool Usage (ZDI-17-953)
- IPS Version: 3.1.3 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: July 05, 2016
- Last Modified Date: July 02, 2024
40990: HTTP: Advantech iView setConfiguration column_value SQL Injection Vulnerability (ZDI-22-911,24-610)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Detection logic updated.
- Release Date: March 15, 2022
- Last Modified Date: July 02, 2024
* 42634: HTTP: PaperCut NG print.script.sandboxed Exposed Dangerous Function Vulnerability (ZDI-24-786)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "42634: ZDI-CAN-20965: Zero Day Initiative Vulnerability (Papercut NG)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: April 25, 2023
- Last Modified Date: July 02, 2024
* 43786: HTTP: PaperCut NG PrintDeployProxyController Authentication Bypass Vulnerability (ZDI-24-782)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43786: ZDI-CAN-22812: Zero Day Initiative Vulnerability (Papercut NG)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: February 13, 2024
- Last Modified Date: July 02, 2024
* 43927: HTTP: PaperCut MF handleServiceException Cross-Site Scripting Vulnerability (ZDI-24-784)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43927: ZDI-CAN-23254: Zero Day Initiative Vulnerability (Papercut NG)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: March 05, 2024
- Last Modified Date: July 02, 2024
* 43950: HTTP: PaperCut MF EmailRenderer Server-Side Template Injection Vulnerability (ZDI-24-785)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43950: ZDI-CAN-23481: Zero Day Initiative Vulnerability (Papercut MF)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: March 12, 2024
- Last Modified Date: July 02, 2024
43962: HTTP: Delta Electronics CNCSoft-G2 DOPSoft ALM Buffer Overflow Vulnerability (ZDI-24-653,656,657)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43962: ZDI-CAN-23045,23046,23068: Zero Day Initiative Vulnerability (Delta Electronics CNCSoft-G2)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: March 12, 2024
- Last Modified Date: July 02, 2024
* 44400: HTTP: XAMPP PHP CGI Module Command Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Detection logic updated.
- Release Date: June 18, 2024
- Last Modified Date: July 02, 2024
Modified Filters (metadata changes only):
* = Enabled in Default deployments
5349: MS-RPC: Samba RPC Heap Overflow (ZDI-07-033)
- IPS Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Miscellaneous modification.
- Release Date: May 14, 2007
- Last Modified Date: July 02, 2024
35086: HTTP: Suspicious Proxy Access (ATT&CK T1090)
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Miscellaneous modification.
- Release Date: April 30, 2019
- Last Modified Date: July 02, 2024
37366: HTTP: EyesOfNetwork Administrative Account Creation
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Release Date: March 24, 2020
- Last Modified Date: July 02, 2024
* 40026: HTTP: PaperCut NG Upload Link Vulnerability (ZDI-24-780)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "40026: ZDI-CAN-23074: Zero Day Initiative Vulnerability (Papercut NG)".
- Severity changed from "Critical" to "High".
- Description updated.
- Vulnerability references updated.
- Release Date: February 13, 2024
- Last Modified Date: July 02, 2024
* 40065: HTTP: PaperCut NG generateNextFileName Directory Traversal Vulnerability (ZDI-24-781)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "40065: ZDI-CAN-22328: Zero Day Initiative Vulnerability (Papercut NG)".
- Description updated.
- Vulnerability references updated.
- Release Date: February 13, 2024
- Last Modified Date: July 02, 2024
42344: HTTP: GoAnywhere MFT License Servlet Usage
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Vulnerability references updated.
- Release Date: February 14, 2023
- Last Modified Date: July 02, 2024
42590: HTTP: Suspicious HTTP Request Containing NodeJS Command Execution
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Description updated.
- Vulnerability references updated.
- Release Date: April 11, 2023
- Last Modified Date: July 02, 2024
42600: SLP: Service Location Protocol Registration Request
- IPS Version: 3.6.2 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Vulnerability references updated.
- Release Date: April 11, 2023
- Last Modified Date: July 02, 2024
42604: SLP: Service Location Protocol Abnormal Service Type Reply
- IPS Version: 3.6.2 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Vulnerability references updated.
- Release Date: April 11, 2023
- Last Modified Date: July 02, 2024
43581: HTTP: Hewlett Packard Enterprise OneView Authentication Bypass Vulnerability (ZDI-24-811)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43581: ZDI-CAN-22455: Zero Day Initiative Vulnerability (Hewlett Packard Enterprise OneView)".
- Description updated.
- Vulnerability references updated.
- Release Date: December 26, 2023
- Last Modified Date: July 02, 2024
43582: HTTP: Hewlett Packard Enterprise OneView Command Injection Vulnerability (ZDI-24-810)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43582: ZDI-CAN-22454: Zero Day Initiative Vulnerability (Hewlett Packard Enterprise OneView)".
- Description updated.
- Vulnerability references updated.
- Release Date: December 26, 2023
- Last Modified Date: July 02, 2024
43585: HTTP: Ivanti Avalanche getAdhocFilePath Directory Traversal Vulnerability (ZDI-24-382)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Description updated.
- Release Date: January 02, 2024
- Last Modified Date: July 02, 2024
43883: HTTP: Delta Electronics CNCSoft-G2 DOPSoft DPAX Buffer Overflow Vulnerability (ZDI-24-625)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43883: ZDI-CAN-23141: Zero Day Initiative Vulnerability (Delta Electronics CNCSoft-G2)".
- Description updated.
- Vulnerability references updated.
- Release Date: February 20, 2024
- Last Modified Date: July 02, 2024
43884: HTTP: Delta Electronics CNCSoft-G2 DOPSoft DPAX Buffer Overflow Vulnerability (ZDI-24-624)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43884: ZDI-CAN-23144: Zero Day Initiative Vulnerability (Delta Electronics CNCSoft-G2)".
- Description updated.
- Vulnerability references updated.
- Release Date: February 20, 2024
- Last Modified Date: July 02, 2024
43966: HTTP: Delta Electronics CNCSoft-G2 DOPSoft DPAX Buffer Overflow Vulnerability (ZDI-24-642)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "43966: ZDI-CAN-23168: Zero Day Initiative Vulnerability (Delta Electronics CNCSoft-G2)".
- Description updated.
- Vulnerability references updated.
- Release Date: March 12, 2024
- Last Modified Date: July 02, 2024
44403: HTTP: Logsign Unified SecOps Platform Command Injection Vulnerability (ZDI-24-617)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44403: ZDI-CAN-24165: Zero Day Initiative Vulnerability (Logsign Unified SecOps Platform)".
- Description updated.
- Vulnerability references updated.
- Release Date: June 18, 2024
- Last Modified Date: July 02, 2024
44405: HTTP: Logsign Unified SecOps Platform Missing Authentication Vulnerability (ZDI-24-618)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44405: ZDI-CAN-24166: Zero Day Initiative Vulnerability (Logsign Unified SecOps Platform)".
- Description updated.
- Vulnerability references updated.
- Release Date: June 18, 2024
- Last Modified Date: July 02, 2024
44406: HTTP: Logsign Unified SecOps Platform Command Injection Vulnerability (ZDI-24-619)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44406: ZDI-CAN-24167: Zero Day Initiative Vulnerability (Logsign Unified SecOps Platform)".
- Description updated.
- Vulnerability references updated.
- Release Date: June 18, 2024
- Last Modified Date: July 02, 2024
44407: HTTP: Logsign Unified SecOps Platform Command Injection Vulnerability (ZDI-24-613)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44407: ZDI-CAN-24168: Zero Day Initiative Vulnerability (Logsign Unified SecOps Platform)".
- Description updated.
- Vulnerability references updated.
- Release Date: June 18, 2024
- Last Modified Date: July 02, 2024
Removed Filters: None