New Filters:
44083: TCP: mySCADA myPRO Hard-Coded Credential Vulnerability (ZDI-24-1226)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Exploits
- Severity: High
- Description: This vulnerability allows remote attackers to execute arbitrary code on affected installations of mySCADA myPRO.
- Deployment: Not enabled by default in any deployment.
- References:
- Common Vulnerabilities and Exposures: CVE-2024-4708 CVSS 9.8
- Zero Day Initiative: ZDI-24-1226
- Classification: Vulnerability - Access Validation
- Protocol: TCP (Generic)
- Platform: Multi-Platform Server Application or Service
- Release Date: September 24, 2024
44798: HTTP: Ollama parseFromZipFile GET Directory Traversal Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a directory traversal vulnerability in Ollama.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-45436 CVSS 8.7
- Classification: Vulnerability - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: September 24, 2024
44799: HTTP: Ollama parseFromZipFile POST Directory Traversal Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a directory traversal vulnerability in Ollama.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-45436 CVSS 8.7
- Classification: Vulnerability - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: September 24, 2024
44800: HTTP: Jenkins scriptText Execution Request
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Security Policy
- Severity: Moderate
- Description: This filter detects an attempt to execute a command in Jenkins.
- Deployment: Not enabled by default in any deployment.
- Classification: Security Policy - Forbidden Application Access or Service Request
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: September 24, 2024
44803: HTTP: PaperCut NG and MF pc-upconnector Server-Side Request Forgery Vulnerability (ZDI-24-783)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: High
- Description: This filter detects an attempt to exploit a server-side request forgery vulnerability in PaperCut NG and MF.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-1884 CVSS 6.1
- Zero Day Initiative: ZDI-24-783
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: September 24, 2024
44804: HTTP: Ivanti Endpoint Manager Improper Input Validation Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit an improper input validation vulnerability in Ivanti Endpoint Manager.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2023-28324
- Classification: Vulnerability - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: September 24, 2024
44805: SMTP: Roundcube Webmail html4inline Stored Cross-Site Scripting Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a stored cross-site scripting vulnerability in Roundcube Webmail.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-42009 CVSS 6.5
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: September 24, 2024
44806: HTTP: WordPress GiveWP Plugin give_get_donor_comments SQL Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a SQL injection vulnerability in the WordPress GiveWP plugin.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2023-0224 CVSS 9.8
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: September 24, 2024
44807: DNS: Visual Studio Code Remote - Tunnels Extension Request Detected
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Security Policy
- Severity: Low
- Description: This filter detects DNS queries to the domain global.rel.tunnels.api.visualstudio.com.
- Deployment: Not enabled by default in any deployment.
- Classification: Security Policy - Forbidden Application Access or Service Request
- Protocol: DNS
- Platform: Multi-Platform Client Application
- Release Date: September 24, 2024
44808: TCP: Ivanti Endpoint Manager AgentPortal Remote Code Execution Vulnerability (ZDI-24-1223)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Exploits
- Severity: Critical
- Description: This filter detects an attempt to exploit a remote code execution vulnerability in Ivanti Endpoint Manager.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-29847
- Zero Day Initiative: ZDI-24-1223
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: TCP (Generic)
- Platform: Multi-Platform Server Application or Service
- Release Date: September 24, 2024
44809: HTTP: WordPress Hide My WP Plugin SQL Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a SQL injection vulnerability in the WordPress Hide My WP Plugin.
- Deployment: Not enabled by default in any deployment.
- References:
- Common Vulnerabilities and Exposures: CVE-2022-4681
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: September 24, 2024
44810: RPC: Microsoft Windows RDL Service Base24 Decoding Input Validation Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit an input validation vulnerability in Microsoft Windows.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-38077
- Classification: Vulnerability - Buffer/Heap Overflow
- Protocol: MS-RPC
- Platform: Windows Server Application or Service
- Release Date: September 24, 2024
44811: HTTP: Ivanti Cloud Services Appliance datetime.php Command Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a command injection vulnerability in Ivanti Cloud Services Appliance.
- Deployments:
- Deployment: Default (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-8190
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: September 24, 2024
44812: HTTP: SPIP BigUp Plugin Unsafe Parameter Value Detected
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Security Policy
- Severity: Moderate
- Description: This filter detects an unsafe parameter value in the BigUp plugin used by SPIP. BigUp is a plugin used for the publishing of content to the shared internet.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-8517 CVSS 9.8
- Classification: Security Policy - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: September 24, 2024
44813: HTTP: WordPress User Registration Plugin Arbitrary File Upload Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit an arbitrary file upload vulnerability in the User Registration Plugin for WordPress.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2023-3342 CVSS 9.9
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: September 24, 2024
44814: HTTP: WordPress Post SMTP Plugin fcm-token Authorization Bypass Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit an authorization bypass vulnerability in the WordPress Post SMTP Plugin.
- Deployments:
- Deployment: Default (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2023-6875
- Classification: Vulnerability - Access Validation
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: September 24, 2024
44816: HTTP: WordPress GN Publisher plugin Cross-Site Scripting Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Moderate
- Description: This filter detects an attempt to exploit a cross-site scripting vulnerability in the GN Publisher Plugin for WordPress.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2023-1080 CVSS 6.1
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: September 24, 2024
44817: HTTP: IBOS OA SQL Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: High
- Description: This filter detects an attempt to exploit a SQL injection vulnerability in IBOS OA version 4.5.5.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2023-4741 CVSS 8.8
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: September 24, 2024
44819: ZDI-CAN-25064: Zero Day Initiative Vulnerability (Dell Avamar)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Dell Avamar.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: September 24, 2024
44820: ZDI-CAN-25065: Zero Day Initiative Vulnerability (Dell Avamar)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Dell Avamar.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: September 24, 2024
44821: ZDI-CAN-25066: Zero Day Initiative Vulnerability (Dell Avamar)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Dell Avamar.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: September 24, 2024
44822: ZDI-CAN-25068: Zero Day Initiative Vulnerability (Dell Avamar)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Dell Avamar.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: September 24, 2024
44823: ZDI-CAN-25225: Zero Day Initiative Vulnerability (Delta Electronics ISPSoft)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Delta Electronics ISPSoft.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: September 24, 2024
44832: HTTP: WordPress Forminator Plugin Arbitrary File Upload Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit an arbitrary file upload vulnerability in the Forminator plugin for WordPress.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2023-4596
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: September 24, 2024
44834: HTTP: SolarWinds Web Help Desk (WHD) Hardcoded Credential Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: High
- Description: This filter detects an attempt to exploit an authentication bypass vulnerability in SolarWinds Web Help Desk.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-28987
- Classification: Vulnerability - Access Validation
- Protocol: HTTP
- Platform: Windows Client Application
- Release Date: September 24, 2024
Modified Filters (logic changes):
* = Enabled in Default deployments
* 44107: HTTP: Ivanti Endpoint Manager GetVulnerabilitiesDataTable SQL Injection (ZDI-24-514,ZDI-24-1214)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44107: HTTP: Ivanti Endpoint Manager GetVulnerabilitiesDataTable SQL Injection Vulnerability (ZDI-24-514)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: April 16, 2024
- Last Modified Date: September 24, 2024
44646: HTTP: SolarWinds Web Help Desk AjaxProxy Insecure Deserialization Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44646: HTTP: SolarWinds Dameware Web Help Desk takeValueForKey Remote Code Execution Vulnerability".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: August 13, 2024
- Last Modified Date: September 24, 2024
Modified Filters (metadata changes only):
* = Enabled in Default deployments
4560: HTTP: HTTP Request Smuggling
- IPS Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Vulnerability references updated.
- Release Date: July 24, 2006
- Last Modified Date: September 24, 2024
13855: TCP: XML External Entity (XXE) Usage
- IPS Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Vulnerability references updated.
- Release Date: April 28, 2014
- Last Modified Date: September 24, 2024
44131: HTTP: Microsoft SharePoint SPThemes Deserialization of Untrusted Data Vulnerability (ZDI-24-1204)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44131: HTTP: Microsoft SharePoint SPThemes Deserialization of Untrusted Data Vulnerability".
- Description updated.
- Vulnerability references updated.
- Release Date: April 23, 2024
- Last Modified Date: September 24, 2024
44132: HTTP: Microsoft SharePoint SPThemes Insecure Deserialization Vulnerability (ZDI-24-1204)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44132: HTTP: Microsoft SharePoint SPThemes Insecure Deserialization Vulnerability".
- Description updated.
- Vulnerability references updated.
- Release Date: April 23, 2024
- Last Modified Date: September 24, 2024
44367: HTTP: SolarWinds Access Rights Manager JsonSerializationBinder Deserialization (ZDI-24-1224)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44367: ZDI-CAN-24270: Zero Day Initiative Vulnerability (SolarWinds Access Rights Manager)".
- Description updated.
- Vulnerability references updated.
- Release Date: June 11, 2024
- Last Modified Date: September 24, 2024
* 44382: HTTP: Ivanti Endpoint Manager SQL Injection Vulnerability(ZDI-24-1213,1215,1217-1219,1221)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44382: ZDI-CAN-24282,24285,24288,24290,24291: Zero Day Initiative Vulnerability (Ivanti Endpoint Manager)".
- Description updated.
- Vulnerability references updated.
- Release Date: June 18, 2024
- Last Modified Date: September 24, 2024
* 44383: HTTP: Ivanti Endpoint Manager GetSQLStatement SQL Injection Vulnerability (ZDI-24-1216)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44383: ZDI-CAN-24287: Zero Day Initiative Vulnerability (Ivanti Endpoint Manager)".
- Description updated.
- Vulnerability references updated.
- Release Date: June 18, 2024
- Last Modified Date: September 24, 2024
44486: HTTP: Microsoft SharePoint Deserialization of Untrusted Data Vulnerability (ZDI-24-1206)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44486: HTTP: Microsoft SharePoint Deserialization of Untrusted Data Vulnerability".
- Description updated.
- Vulnerability references updated.
- Release Date: July 09, 2024
- Last Modified Date: September 24, 2024
* 44488: HTTP: Ivanti Endpoint Manager ImportXml XML External Entity Processing Vulnerability (ZDI-24-1212)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44488: ZDI-CAN-24046: Zero Day Initiative Vulnerability (Ivanti Endpoint Manager)".
- Severity changed from "Critical" to "High".
- Description updated.
- Vulnerability references updated.
- Release Date: July 09, 2024
- Last Modified Date: September 24, 2024
44574: HTTP: Microsoft Windows MSHTML Platform Spoofing Vulnerability (ZDI-24-1207)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44574: HTTP: Microsoft Windows MSHTML Platform Spoofing Vulnerability".
- Description updated.
- Vulnerability references updated.
- Release Date: August 06, 2024
- Last Modified Date: September 24, 2024
44576: HTTP: Microsoft Windows MSHTML Platform Spoofing Vulnerability (ZDI-24-1207)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44576: HTTP: Microsoft Windows MSHTML Platform Spoofing Vulnerability".
- Description updated.
- Vulnerability references updated.
- Release Date: August 06, 2024
- Last Modified Date: September 24, 2024
44784: HTTP: WordPress Country State City Dropdown CF7 plugin SQL Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Description updated.
- Release Date: September 17, 2024
- Last Modified Date: September 24, 2024
Removed Filters:
44393: ZDI-CAN-24284: Zero Day Initiative Vulnerability (Ivanti Endpoint Manager)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Release Date: June 18, 2024