New Filters:
45383: HTTP: Craft CMS Twig Template Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a template injection vulnerability in Craft CMS Twig.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Evaluation (Permit / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-56145
- Classification: Vulnerability - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: February 11, 2025
45394: HTTP: Windows Themes Spoofing Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a security bypass vulnerability in Microsoft Windows Themes.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2025-21308
- Classification: Vulnerability - Other
- Protocol: HTTP
- Platform: Windows Client Application
- Release Date: February 11, 2025
45397: HTTP: WordPress Ultimate Exporter Plugin Command Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Exploits
- Severity: Critical
- Description: This filter detects an attempt to exploit a command injection vulnerability in the WordPress Ultimate Exporter plugin.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-56278
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: February 11, 2025
45398: HTTP: PHPGurukul Land Record System SQL Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a SQL injection vulnerability in PHPGurukul Land Record System.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Evaluation (Permit / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-13079
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: February 11, 2025
45399: HTTP: npm mpath module Prototype Pollution Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a prototype pollution vulnerability in the npm mpath module.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2018-16490, CVE-2021-23438
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: February 11, 2025
45401: DNS: Lemon8 Access
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Security Policy
- Severity: Low
- Description: This filter detects DNS queries to the domain lemon8-web.
- Deployment: Not enabled by default in any deployment.
- Classification: Security Policy - Forbidden Application Access or Service Request
- Protocol: DNS
- Platform: Multi-Platform Client Application
- Release Date: February 11, 2025
45402: HTTP: WordPress Tutor LMS Plugin get_instructors SQL Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a SQL injection vulnerability in the WordPress Tutor LMS Plugin.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-10400 CVSS 6.5
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: February 11, 2025
45404: HTTP: Palo Alto Networks GlobalProtect Unsafe Server Configuration Detected
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Security Policy
- Severity: Moderate
- Description: This filter detects an unsafe server configuration response when a client attempts to connect using the Palo Alto Networks GlobalProtect application.
- Deployment: Not enabled by default in any deployment.
- References:
- Common Vulnerabilities and Exposures: CVE-2024-5921 CVSS 7.1
- Classification: Vulnerability - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: February 11, 2025
45405: HTTP: CyberPanel Authenticated OS Command Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a command injection vulnerability in CyberPanel.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Evaluation (Permit / Notify)
- Deployment: Performance-Optimized (Disabled)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-53376
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: February 11, 2025
45408: DNS: MooMoo Access
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Security Policy
- Severity: Low
- Description: This filter detects DNS queries to the domain static.moomoo.com.
- Deployment: Not enabled by default in any deployment.
- Classification: Security Policy - Forbidden Application Access or Service Request
- Protocol: DNS
- Platform: Multi-Platform Client Application
- Release Date: February 11, 2025
45409: DNS: Tiger Brokers Access
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Security Policy
- Severity: Low
- Description: This filter detects DNS queries to the domain itiger.com.
- Deployment: Not enabled by default in any deployment.
- Classification: Security Policy - Forbidden Application Access or Service Request
- Protocol: DNS
- Platform: Multi-Platform Client Application
- Release Date: February 11, 2025
45410: DNS: Webull Access
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Security Policy
- Severity: Low
- Description: This filter detects DNS queries to the domain webull.com.
- Deployment: Not enabled by default in any deployment.
- Classification: Security Policy - Forbidden Application Access or Service Request
- Protocol: DNS
- Platform: Multi-Platform Client Application
- Release Date: February 11, 2025
45411: DNS: DeepSeek Access
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Security Policy
- Severity: Low
- Description: This filter detects DNS queries to the domain deepseek.com.
- Deployment: Not enabled by default in any deployment.
- Classification: Security Policy - Forbidden Application Access or Service Request
- Protocol: DNS
- Platform: Multi-Platform Client Application
- Release Date: February 11, 2025
45412: DNS: RedNote Access
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Security Policy
- Severity: Low
- Description: This filter detects DNS queries to the domain xiaohongshu.com.
- Deployment: Not enabled by default in any deployment.
- Classification: Security Policy - Forbidden Application Access or Service Request
- Protocol: DNS
- Platform: Multi-Platform Client Application
- Release Date: February 11, 2025
45414: NFS: Contec CMS8000 Patient Monitor Mounting Command
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Security Policy
- Severity: Low
- Description: This filter detects an attempt to mount a remote NFS share by the Contec CMS8000 Patient Monitor device.
- Deployment: Not enabled by default in any deployment.
- Classification: Security Policy - Forbidden Application Access or Service Request
- Protocol: NFS
- Platform: UNIX/Linux Server Application or Service
- Release Date: February 11, 2025
45421: HTTP: WordPress Ultimate Exporter Plugin Arbitrary File Upload Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a command injection vulnerability in the WordPress Ultimate Exporter plugin.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-56278
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: February 11, 2025
Modified Filters (logic changes):
* = Enabled in Default deployments
* 43677: TCP: Oracle WebLogic Server LinkRef JNDI Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Detection logic updated.
- Release Date: January 16, 2024
- Last Modified Date: February 11, 2025
44374: HTTP: Microsoft SharePoint Server Business Data Connectivity Remote Code Execution Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: June 11, 2024
- Last Modified Date: February 11, 2025
44682: RPC: Microsoft Windows Runtime Library Code Execution Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Detection logic updated.
- Release Date: August 20, 2024
- Last Modified Date: February 11, 2025
45358: HTTP: SonicWall NGFW Buffer Overflow Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Detection logic updated.
- Release Date: January 28, 2025
- Last Modified Date: February 11, 2025
Modified Filters (metadata changes only):
* = Enabled in Default deployments
42224: HTTP: Trend Micro Apex One File Inclusion Vulnerability (ZDI-25-007,ZDI-23-590,ZDI-23-591)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "42224: ZDI-CAN-20180,20181,23401: Zero Day Initiative Vulnerability (Trend Micro Multiple Products)".
- Description updated.
- Vulnerability references updated.
- Release Date: January 31, 2023
- Last Modified Date: February 11, 2025
43508: HTTP: Suspicious Internet Shortcut File Download
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Miscellaneous modification.
- Release Date: December 05, 2023
- Last Modified Date: February 11, 2025
* 43701: HTTP: Microsoft Windows SmartScreen Internet Shortcut Security Bypass Vulnerability (ZDI-24-165,361)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Description updated.
- Vulnerability references updated.
- Release Date: January 17, 2024
- Last Modified Date: February 11, 2025
* 44701: HTTP: Progress Software WhatsUp Gold GetOrderByClause SQL Injection Vulnerability (ZDI-24-1685)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44701: ZDI-CAN-24634: Zero Day Initiative Vulnerability (Progress Software WhatsUp Gold)".
- Severity changed from "Critical" to "High".
- Description updated.
- Vulnerability references updated.
- Release Date: August 27, 2024
- Last Modified Date: February 11, 2025
Removed Filters:
42720: HTTP: Oracle WebLogic Server JNDI Insecure Deserialization Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Release Date: May 23, 2023
- Last Modified Date: December 03, 2024