New Filters:
45207: RDP: Microsoft Windows Remote Desktop Protocol Server WebSocketServer Usage
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Security Policy
- Severity: Low
- Description: This filter detects usage of the RDP WebSocketServer.
- Deployment: Not enabled by default in any deployment.
- References:
  - Common Vulnerabilities and Exposures: CVE-2024-43582
- Classification: Security Policy - Other
- Protocol: HTTP
- Platform: Windows Client Application
- Release Date: December 31, 2024
45208: RDP: Microsoft Windows Remote Desktop Protocol Server WebSocketServer Use-After-Free Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Exploits
- Severity: Critical
- Description: This filter detects an attempt to exploit a use-after-free vulnerability in vulnerable installations of Microsoft Remote Desktop Protocol.
- Deployment: Not enabled by default in any deployment.
- References:
  - Common Vulnerabilities and Exposures: CVE-2024-43582
- Classification: Vulnerability - Other
- Protocol: TCP (Generic)
- Platform: Windows Client Application
- Release Date: December 31, 2024
45234: HTTP: D-Link NAS OS Command Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit an OS command injection vulnerability in D-Link NAS DNS-320, 320LW, 325, and DNS-340L.
- Deployments:
  - Deployment: Default (Block / Notify)
  - Deployment: Evaluation (Permit / Notify)
  - Deployment: Performance-Optimized (Disabled)
- References:
  - Common Vulnerabilities and Exposures: CVE-2024-10914
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: December 31, 2024
45240: TCP: Digium Asterisk Unsafe Application Function Usage
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Security Policy
- Severity: Moderate
- Description: This filter detects the usage of a certain unsafe function within a certain application in Asterisk.
- Deployments:
  - Deployment: Performance-Optimized (Block / Notify)
- References:
  - Common Vulnerabilities and Exposures: CVE-2024-42365
- Classification: Security Policy - Other
- Protocol: TCP (Generic)
- Platform: Multi-Platform Server Application or Service
- Release Date: December 31, 2024
45244: HTTP: WordPress NotificationX Plugin SQL Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Exploits
- Severity: High
- Description: This filter detects an attempt to exploit a SQL injection vulnerability in the WordPress NotificationX plugin.
- Deployment: Not enabled by default in any deployment.
- References:
  - Common Vulnerabilities and Exposures: CVE-2022-0349
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: December 31, 2024
45245: HTTP: Jenkins Simple Queue Plugin Stored Cross-Site Scripting Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a stored cross-site scripting vulnerability in the Simple Queue plugin for Jenkins.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify)
- References:
  - Common Vulnerabilities and Exposures: CVE-2024-54003
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: December 31, 2024
45246: ZDI-CAN-26065: Zero Day Initiative Vulnerability (WS02 API Manager)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter provides protection against exploitation of a zero-day vulnerability affecting WS02 API Manager.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: December 31, 2024
45247: ZDI-CAN-25779: Zero Day Initiative Vulnerability (Canon imageCLASS MF656Cdw)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Canon imageCLASS MF656Cdw.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: December 31, 2024
45248: HTTP: LibreNMS Device Overview Stored Cross-Site Scripting Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a stored cross-site scripting vulnerability in LibreNMS.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify)
- References:
  - Common Vulnerabilities and Exposures: CVE-2024-50352
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: UNIX/Linux Server Application or Service
- Release Date: December 31, 2024
Modified Filters (logic changes):
* = Enabled in Default deployments
44197: HTTP: Webmin CGI Command Injection Vulnerability (ZDI-24-1725)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44197: ZDI-CAN-22346: Zero Day Initiative Vulnerability (Webmin)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: April 30, 2024
- Last Modified Date: December 31, 2024
44583: HTTP: Veritas Enterprise Vault MobileHTMLView Cross-Site Scripting Vulnerability (ZDI-24-1659-1662)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44583: ZDI-CAN-24695,24696,24697,24698: Zero Day Initiative Vulnerability (Veritas Enterprise Vault)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: August 06, 2024
- Last Modified Date: December 31, 2024
Modified Filters (metadata changes only):
* = Enabled in Default deployments
44636: HTTP: Fuji Electric Monitouch V-SFT V10 File Parsing Out-Of-Bounds Write Vulnerability (ZDI-24-1620)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44636: ZDI-CAN-24504: Zero Day Initiative Vulnerability (Fuji Electric Monitouch V-SFT)".
- Description updated.
- Vulnerability references updated.
- Release Date: August 13, 2024
- Last Modified Date: December 31, 2024
44637: HTTP: Fuji Electric Monitouch V-SFT X1 File Parsing Out-Of-Bounds Write Vulnerability (ZDI-24-1624)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44637: ZDI-CAN-24663: Zero Day Initiative Vulnerability (Fuji Electric Monitouch V-SFT)".
- Description updated.
- Vulnerability references updated.
- Release Date: August 13, 2024
- Last Modified Date: December 31, 2024
44638: HTTP: Fuji Electric Monitouch V-SFT V10 Stack-based Buffer Overflow Vulnerability (ZDI-24-1616)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44638: ZDI-CAN-24449: Zero Day Initiative Vulnerability (Fuji Electric Monitouch V-SFT)".
- Description updated.
- Vulnerability references updated.
- Release Date: August 13, 2024
- Last Modified Date: December 31, 2024
44639: HTTP: Fuji Electric Monitouch V-SFT V9C File Parsing Out-Of-Bounds Write Vulnerability (ZDI-24-1619)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44639: ZDI-CAN-24503: Zero Day Initiative Vulnerability (Fuji Electric Monitouch V-SFT)".
- Description updated.
- Vulnerability references updated.
- Release Date: August 13, 2024
- Last Modified Date: December 31, 2024
44640: HTTP: Fuji Electric Monitouch V-SFT X1 Heap-based Buffer Overflow Vulnerability (ZDI-24-1630)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44640: ZDI-CAN-24548: Zero Day Initiative Vulnerability (Fuji Electric Monitouch V-SFT)".
- Description updated.
- Vulnerability references updated.
- Release Date: August 13, 2024
- Last Modified Date: December 31, 2024
Removed Filters: None