New Filters:
45143: TCP: Ivanti Avalanche InfoRail Denial-of-Service Vulnerability (ZDI-24-1491)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: High
- Description: This filter detects an attempt to exploit a denial-of-service vulnerability in Ivanti Avalanche Enterprise Service.
- Deployment: Not enabled by default in any deployment.
- References:
  - Common Vulnerabilities and Exposures: CVE-2024-50320
  - Zero Day Initiative: ZDI-24-1491
- Classification: Vulnerability - Denial of Service (Crash/Reboot)
- Protocol: TCP (Generic)
- Platform: Multi-Platform Server Application or Service
- Release Date: December 17, 2024
45167: HTTP: Raisecom Gateway Command Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a command injection vulnerability in Raisecom.
- Deployments:
  - Deployment: Default (Block / Notify)
  - Deployment: Evaluation (Permit / Notify)
- References:
  - Common Vulnerabilities and Exposures: CVE-2024-7120
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Other Server Application or Service
- Release Date: December 17, 2024
45168: HTTP: Jeecg-Boot SQL Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Exploits
- Severity: High
- Description: This filter detects an attempt to exploit a SQL injection vulnerability in Jeecg-Boot.
- Deployments:
  - Deployment: Default (Block / Notify)
  - Deployment: Evaluation (Permit / Notify)
- References:
  - Common Vulnerabilities and Exposures: CVE-2023-38992
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: December 17, 2024
45170: HTTP: WordPress Contact Form 7 File Stored Cross-Site Scripting Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a file upload vulnerability in the WordPress Contact Form 7 plugin.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify)
- References:
  - Common Vulnerabilities and Exposures: CVE-2022-0595
- Classification: Vulnerability - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: December 17, 2024
45174: ZDI-CAN-25713: Zero Day Initiative Vulnerability (Ivanti Avalanche)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Ivanti Avalanche.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: December 17, 2024
45179: PWN2OWN ZDI-CAN-25606: Zero Day Initiative Vulnerability (Sonos Era 300)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against exploitation of a zero-day vulnerability affecting Sonos Era 300.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: December 17, 2024
45186: PWN2OWN ZDI-CAN-25613: Zero Day Initiative Vulnerability (Synology BeeStation BST150-4T)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Synology BeeStation BST150-4T.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: December 17, 2024
45187: PWN2OWN ZDI-CAN-25623: Zero Day Initiative Vulnerability (Synology BeeStation BST150-4T)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Synology BeeStation BST150-4T.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: December 17, 2024
45188: PWN2OWN ZDI-CAN-25658: Zero Day Initiative Vulnerability (Synology BeeStation BST150-4T)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Synology BeeStation BST150-4T.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: December 17, 2024
45192: PWN2OWN ZDI-CAN-25482: Zero Day Initiative Vulnerability (QNAP TS-464)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against exploitation of a zero-day vulnerability affecting QNAP TS-464.
- Deployments:
  - Deployment: Default (Block / Notify / Trace)
  - Deployment: Evaluation (Permit / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: December 17, 2024
45193: HTTP: Cleo Managed File Transfer Lexicom, VLTransfer, and Harmony Directory Traversal Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a directory traversal vulnerability in Cleo Managed File Transfer software including the applications LexiCom, VLTransfer, and Harmony.
- Deployments:
  - Deployment: Default (Block / Notify)
  - Deployment: Evaluation (Permit / Notify)
- References:
  - Common Vulnerabilities and Exposures: CVE-2024-50623
- Classification: Vulnerability - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: December 17, 2024
Modified Filters (logic changes):
* = Enabled in Default deployments
43943: HTTP: Centreon updateServiceHost_MC SQL Injection Vulnerability (ZDI-24-595,ZDI-24-596,ZDI-24-899)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: March 05, 2024
- Last Modified Date: December 17, 2024
44995: PWN2OWN ZDI-CAN-25607: Zero Day Initiative Vulnerability (Synology DiskStation DS1823xs+)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Detection logic updated.
- Release Date: October 29, 2024
- Last Modified Date: December 17, 2024
* 45010: PWN2OWN ZDI-CAN-25581: Zero Day Initiative Vulnerability (Samsung Galaxy S24)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Detection logic updated.
- Release Date: October 29, 2024
- Last Modified Date: December 17, 2024
* 45015: PWN2OWN ZDI-CAN-25672: Zero Day Initiative Vulnerability (QNAP Qhora-322)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Detection logic updated.
- Release Date: October 29, 2024
- Last Modified Date: December 17, 2024
Modified Filters (metadata changes only):
* = Enabled in Default deployments
44611: HTTP: Fuji Electric Tellus Lite V-Simulator 5 V8 Buffer Overflow Vulnerability (ZDI-24-1625)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44611: ZDI-CAN-24664: Zero Day Initiative Vulnerability (Fuji Electric Tellus Lite V-Simulator 5)".
- Description updated.
- Vulnerability references updated.
- Release Date: August 13, 2024
- Last Modified Date: December 17, 2024
44629: HTTP: Fuji Electric Tellus Lite V-Simulator 5 V8 Buffer Overflow Vulnerability (ZDI-24-1626)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44629: ZDI-CAN-24768: Zero Day Initiative Vulnerability (Fuji Electric Tellus Lite V-Simulator 5)".
- Description updated.
- Vulnerability references updated.
- Release Date: August 13, 2024
- Last Modified Date: December 17, 2024
44630: HTTP: Fuji Electric Tellus Lite V-Simulator 5 V8 Out-Of-Bounds Write Vulnerability (ZDI-24-1627)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44630: ZDI-CAN-24769: Zero Day Initiative Vulnerability (Fuji Electric Tellus Lite V-Simulator 5)".
- Description updated.
- Vulnerability references updated.
- Release Date: August 13, 2024
- Last Modified Date: December 17, 2024
44631: HTTP: Fuji Electric Tellus Lite V-Simulator 5 V8 Buffer Overflow Vulnerability (ZDI-24-1628)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44631: ZDI-CAN-24770: Zero Day Initiative Vulnerability (Fuji Electric Tellus Lite V-Simulator 5)".
- Description updated.
- Vulnerability references updated.
- Release Date: August 13, 2024
- Last Modified Date: December 17, 2024
44633: HTTP: Fuji Electric Tellus Lite V-Simulator Out-Of-Bounds Write Vulnerability (ZDI-24-1629)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44633: ZDI-CAN-24771: Zero Day Initiative Vulnerability (Fuji Electric Tellus Lite V-Simulator 5)".
- Description updated.
- Vulnerability references updated.
- Release Date: August 13, 2024
- Last Modified Date: December 17, 2024
44634: HTTP: Fuji Electric Monitouch V-SFT V8 File Parsing Out-Of-Bounds Write Vulnerability (ZDI-24-1623)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44634: ZDI-CAN-24662: Zero Day Initiative Vulnerability (Fuji Electric Monitouch V-SFT)".
- Description updated.
- Vulnerability references updated.
- Release Date: August 13, 2024
- Last Modified Date: December 17, 2024
Removed Filters: None