New Filters:
45285: HTTP: Apache Shiro Authentication Bypass Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: High
- Description: This filter detects an attempt to exploit an authentication bypass vulnerability in Apache Shiro.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2020-13933 CVSS 5.0
- Classification: Vulnerability - Access Validation
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: January 21, 2025
45291: HTTP: Cacti Group Cacti links.php title Stored Cross-Site Scripting Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a cross-site scripting vulnerability in Cacti Group Cacti.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-43364 CVSS 8.9
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: January 21, 2025
45292: HTTP: QNAP HBS 3 Hybrid Backup Sync Command Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a command injection vulnerability in QNAP HBS 3 Hybrid Backup Sync.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-50388 CVSS 8.7
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: January 21, 2025
45293: RSYNC: QNAP HBS 3 Hybrid Backup Sync Command Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a command injection vulnerability in QNAP HBS 3 Hybrid Backup Sync.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-50388 CVSS 8.7
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: January 21, 2025
45294: HTTP: Rockwell Automation ThinManager ThinServer.exe API Directory Traversal Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a directory traversal vulnerability in Rockwell Automation ThinManager.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-45826 CVSS 6.3
- Classification: Vulnerability - Other
- Protocol: TCP (Generic)
- Platform: Multi-Platform Server Application or Service
- Release Date: January 21, 2025
45304: HTTP: Suspicious Transfer-Encoding Content-Length Header
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Security Policy
- Severity: Low
- Description: This filter detects a Content-Length header and a Transfer-Encoding header in an HTTP request.
- Deployment: Not enabled by default in any deployment.
- References:
- Common Vulnerabilities and Exposures: CVE-2017-7658
- Classification: Security Policy - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: January 21, 2025
45305: HTTP: Chamilo Arbitrary File Upload Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit an arbitrary file upload vulnerability in Chamilo.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Evaluation (Permit / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2023-4220
- Classification: Vulnerability - Other
- Protocol: HTTP
- Platform: Multi-Platform Client Application
- Release Date: January 21, 2025
45307: HTTP: Judge0 Sandbox Escape Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a sandbox escape vulnerability in Judge0.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Evaluation (Permit / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-28189
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Client Application
- Release Date: January 21, 2025
45308: HTTP: Zoho ManageEngine Analytics Plus getOAToken Request
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Security Policy
- Severity: Moderate
- Description: This filter detects an attempt to request an admin user token from Zoho ManageEngine Analytics Plus.
- Deployment: Not enabled by default in any deployment.
- References:
- Common Vulnerabilities and Exposures: CVE-2024-52323 CVSS 8.8
- Zero Day Initiative: ZDI-24-1676
- Classification: Security Policy - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: January 21, 2025
45309: HTTP: Apache Traffic Control Traffic Ops SQL Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit an sql injection vulnerability in Apache Traffic Control Traffic Ops.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Evaluation (Permit / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-45387 CVSS 9.9
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: January 21, 2025
45311: HTTP: Cerio Router Command Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Moderate
- Description: This filter detects an attempt to exploit a command injection vulnerability in a Cerio Router web interface.
- Deployment: Not enabled by default in any deployment.
- References:
- Common Vulnerabilities and Exposures: CVE-2018-18852
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: January 21, 2025
45322: HTTP: Tongda Office Anywhere (OA) delete_log.php SQL Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a SQL injection vulnerability in Tongda Office Anywhere.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Evaluation (Permit / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2023-4166 CVSS 9.8
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: January 21, 2025
45323: HTTP: Chamilo wsConvertPpt Command Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit command injection vulnerability in Chamilo.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Evaluation (Permit / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2023-34960 CVSS 9.8
- Classification: Vulnerability - Other
- Protocol: HTTP
- Platform: Multi-Platform Client Application
- Release Date: January 21, 2025
Modified Filters (logic changes):
* = Enabled in Default deployments
* 3959: HTTP: Cross-Site Scripting (Cookie Manipulation)
- IPS Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: March 20, 2006
- Last Modified Date: January 21, 2025
* 44034: HTTP: Google Chrome VideoFrame Use-After-Free Vulnerability (Pwn2Own ZDI-25-027)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44034: PWN2OWN ZDI-CAN-23793: Zero Day Initiative Vulnerability (Chromium)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: March 26, 2024
- Last Modified Date: January 21, 2025
44290: HTTP: XWiki.org XWiki SolrSearchMacros text Command Injection Vulnerability (ZDI-24-1697)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44290: ZDI-CAN-23994: Zero Day Initiative Vulnerability (XWiki.org XWiki)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: June 04, 2024
- Last Modified Date: January 21, 2025
* 44382: HTTP: Ivanti Endpoint Manager SQL Injection Vulnerability (ZDI-24-1213,1215,1217-1219,1221)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: June 18, 2024
- Last Modified Date: January 21, 2025
44401: HTTP: GFI Archiver Telerik Web UI Remote Code Execution Vulnerability (ZDI-24-1671)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44401: ZDI-CAN-24041: Zero Day Initiative Vulnerability (GFI Archiver)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: June 18, 2024
- Last Modified Date: January 21, 2025
44582: HTTP: Veritas Enterprise Vault Deserialization Vulnerability (ZDI-24-1663,1665,1666,1667,1668)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44582: ZDI-CAN-24336,24339,24341,24344,24405: Zero Day Initiative Vulnerability (Veritas Enterprise Vault)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: August 06, 2024
- Last Modified Date: January 21, 2025
* 44600: ZDI-CAN-24571: Zero Day Initiative Vulnerability (Trend Micro Apex One)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Detection logic updated.
- Release Date: September 03, 2024
- Last Modified Date: January 21, 2025
44888: TCP: HPE Insight Remote Support DESTA Service Insecure Deserialization Vulnerability (ZDI-24-1636)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44888: ZDI-CAN-24812: Zero Day Initiative Vulnerability (Hewlett Packard Enterprise Insight Remote Support)".
- Severity changed from "High" to "Critical".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: October 15, 2024
- Last Modified Date: January 21, 2025
44889: HTTP: HPE Insight Remote Support getDocumentRootElement XML External Entity Processing (ZDI-24-1637)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44889: ZDI-CAN-24813: Zero Day Initiative Vulnerability (Hewlett Packard Enterprise Insight Remote Support)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: October 15, 2024
- Last Modified Date: January 21, 2025
44890: HTTP: HPE Insight Remote Support validateAgainstXSD XML External Entity Processing (ZDI-24-1638)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44890: ZDI-CAN-24814: Zero Day Initiative Vulnerability (Hewlett Packard Enterprise Insight Remote Support)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: October 15, 2024
- Last Modified Date: January 21, 2025
44891: HTTP: HPE Insight Remote Support processAtatchmentDataStream Directory Traversal (ZDI-24-1639)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44891: ZDI-CAN-25161: Zero Day Initiative Vulnerability (Hewlett Packard Enterprise Insight Remote Support)".
- Severity changed from "High" to "Critical".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: October 15, 2024
- Last Modified Date: January 21, 2025
Modified Filters (metadata changes only):
* = Enabled in Default deployments
3543: HTTP: Content-Length Header Anomaly
- IPS Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Vulnerability references updated.
- Release Date: December 31, 2005
- Last Modified Date: January 21, 2025
44080: HTTP: Paessler PRTG Network Monitor SNMP Cross-Site Scripting Vulnerability (ZDI-24-1736)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44080: ZDI-CAN-23371: Zero Day Initiative Vulnerability (Paessler PRTG Network Monitor)".
- Description updated.
- Vulnerability references updated.
- Release Date: April 09, 2024
- Last Modified Date: January 21, 2025
44608: HTTP: Ashlar-Vellum Cobalt CO File Parsing Out-Of-Bounds Write Vulnerability (ZDI-24-1730)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44608: ZDI-CAN-24867: Zero Day Initiative Vulnerability (Ashlar-Vellum Cobalt)".
- Description updated.
- Vulnerability references updated.
- Release Date: August 20, 2024
- Last Modified Date: January 21, 2025
44609: HTTP: Ashlar-Vellum Cobalt AR File Parsing Out-Of-Bounds Write Vulnerability (ZDI-24-1728)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44609: ZDI-CAN-24870: Zero Day Initiative Vulnerability (Ashlar-Vellum Cobalt)".
- Description updated.
- Vulnerability references updated.
- Release Date: August 20, 2024
- Last Modified Date: January 21, 2025
44651: HTTP: Delta Electronics DRASimuCAD STP File Parsing Type Confusion Vulnerability (ZDI-24-1722)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44651: ZDI-CAN-22414: Zero Day Initiative Vulnerability (Delta Electronics DRASimuCAD)".
- Description updated.
- Vulnerability references updated.
- Release Date: August 20, 2024
- Last Modified Date: January 21, 2025
44652: HTTP: Delta Electronics DRASimuCAD ICS File Parsing Out-Of-Bounds Write Vulnerability (ZDI-24-1723)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44652: ZDI-CAN-22415: Zero Day Initiative Vulnerability (Delta Electronics DRASimuCAD)".
- Description updated.
- Vulnerability references updated.
- Release Date: August 20, 2024
- Last Modified Date: January 21, 2025
44653: HTTP: Delta Electronics DRASimuCAD STP File Parsing Type Confusion Vulnerability (ZDI-24-1724)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44653: ZDI-CAN-22450: Zero Day Initiative Vulnerability (Delta Electronics DRASimuCAD)".
- Description updated.
- Vulnerability references updated.
- Release Date: August 20, 2024
- Last Modified Date: January 21, 2025
44683: HTTP: AutomationDirect C-More EA9 EAP9 File Parsing Buffer Overflow Vulnerability (ZDI-24-1673)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44683: ZDI-CAN-24772: Zero Day Initiative Vulnerability (AutomationDirect C-More EA9)".
- Description updated.
- Vulnerability references updated.
- Release Date: August 20, 2024
- Last Modified Date: January 21, 2025
44684: HTTP: AutomationDirect C-More EA9 EAP9 File Parsing Memory Corruption Vulnerability (ZDI-24-1674)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44684: ZDI-CAN-24773: Zero Day Initiative Vulnerability (AutomationDirect C-More EA9)".
- Description updated.
- Vulnerability references updated.
- Release Date: August 20, 2024
- Last Modified Date: January 21, 2025
44685: HTTP: AutomationDirect C-More EA9 EAP9 File Parsing Memory Corruption Vulnerability (ZDI-24-1675)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44685: ZDI-CAN-24774: Zero Day Initiative Vulnerability (AutomationDirect C-More EA9)".
- Description updated.
- Vulnerability references updated.
- Release Date: August 20, 2024
- Last Modified Date: January 21, 2025
44686: HTTP: Ashlar-Vellum Cobalt CO File Parsing Type Confusion Vulnerability (ZDI-24-1731)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44686: ZDI-CAN-24843: Zero Day Initiative Vulnerability (Ashlar-Vellum Cobalt)".
- Description updated.
- Vulnerability references updated.
- Release Date: August 20, 2024
- Last Modified Date: January 21, 2025
44777: HTTP: Delta Electronics CNCSoft-G2 DPAX Heap-based Buffer Overflow Vulnerability (ZDI-24-1656)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44777: ZDI-CAN-25292: Zero Day Initiative Vulnerability (Delta Electronics CNCSoft-G2)".
- Description updated.
- Vulnerability references updated.
- Release Date: September 17, 2024
- Last Modified Date: January 21, 2025
Removed Filters: None
|
Welcome to the future of Business Support! I'm Trend Companion, your
AI assistant ready to streamline your experience.
Log in for your personalized support!
Chat with Trend Companion for quick answers, or submit a case for
detailed troubleshooting.