New Filters:
45530: ZDI-CAN-25942: Zero Day Initiative Vulnerability (Fuji Electric Smart Editor)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Fuji Electric Smart Editor.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: March 11, 2025
45531: ZDI-CAN-26020 Zero Day Initiative Vulnerability (Fuji Electric Smart Editor)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Fuji Electric Smart Editor.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: March 11, 2025
45532: ZDI-CAN-26022 Zero Day Initiative Vulnerability (Fuji Electric Smart Editor)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Fuji Electric Smart Editor.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: March 11, 2025
45533: ZDI-CAN-26024: Zero Day Initiative Vulnerability (Fuji Electric Smart Editor)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Fuji Electric Smart Editor.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: March 11, 2025
45534: HTTP: Zimbra Collaboration CancelPendingAccountOnlyRemoteWipe SQL Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a SQL injection vulnerability in Zimbra Collaboration.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2025-25064 CVSS 8.9
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: March 11, 2025
45538: HTTP: SimpleHelp Remote Support Software Directory Traversal Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: High
- Description: This filter detects an attempt to exploit a directory traversal vulnerability in SimpleHelp remote support software.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Evaluation (Permit / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-57727
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: March 11, 2025
45539: TLS: OpenSSL do_x509_check Name Check Denial-of-Service Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: High
- Description: This filter detects an attempt to exploit a denial-of-service vulnerability in OpenSSL.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-6119 CVSS 6.5
- Classification: Vulnerability - Denial of Service (Crash/Reboot)
- Protocol: SSL/TLS
- Platform: Multi-Platform Server Application or Service
- Release Date: March 11, 2025
45543: HTTP: RaspberryMatic Firmware Upload
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Security Policy
- Severity: Moderate
- Description: This filter detects an attempt to upload firmware to RaspberryMatic.
- Deployment: Not enabled by default in any deployment.
- References:
- Common Vulnerabilities and Exposures: CVE-2024-24578
- Classification: Security Policy - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: March 11, 2025
45544: HTTP: Ruby on Rails MemCacheStore and RedisCacheStore Insecure Deserialization Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Exploits
- Severity: Critical
- Description: This filter detects an attempt to exploit an insecure deserialization vulnerability in Ruby on Rails.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2020-8165
- Classification: Vulnerability - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: March 11, 2025
45548: HTTP: PHPGurukul Land Record System contactno SQL Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a SQL injection vulnerability in PHPGurukul Land Record System.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Evaluation (Permit / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2025-25389
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: March 11, 2025
45550: HTTP: D-Tale Enable Custom Filters Request
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Security Policy
- Severity: Moderate
- Description: This filter detects an attempt to enable custom filters in D-Tale.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2025-0655
- Classification: Security Policy - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: March 11, 2025
45551: DNS: Cloudflare Tunnel Usage
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Security Policy
- Severity: Low
- Description: This filter detects DNS queries to the domain argotunnel.com.
- Deployment: Not enabled by default in any deployment.
- Classification: Security Policy - Forbidden Application Access or Service Request
- Protocol: DNS
- Platform: Multi-Platform Client Application
- Release Date: March 11, 2025
45560: RSYNC: rsync blength Specific Size Usage
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Security Policy
- Severity: Moderate
- Description: This filter detects an rsync transfer with a blength of 1.
- Deployment: Not enabled by default in any deployment.
- References:
- Common Vulnerabilities and Exposures: CVE-2024-12086
- Classification: Security Policy - Other
- Protocol: TCP (Generic)
- Platform: Multi-Platform Server Application or Service
- Release Date: March 11, 2025
45561: RSYNC: rsync safe-links Bypass Attempt
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Security Policy
- Severity: Moderate
- Description: This filter detects an rsync transfer with the safe-links option enabled that contains an unsafe symlink.
- Deployment: Not enabled by default in any deployment.
- References:
- Common Vulnerabilities and Exposures: CVE-2024-12087, CVE-2024-12088
- Classification: Security Policy - Other
- Protocol: TCP (Generic)
- Platform: Multi-Platform Server Application or Service
- Release Date: March 11, 2025
Modified Filters (logic changes):
* = Enabled in Default deployments
30264: HTTP: WPScan Tool Detection
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.
- Release Date: January 30, 2018
- Last Modified Date: March 11, 2025
42240: HTTP: Oracle Web Applications Desktop Integrator bne:uueupload File Upload
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Detection logic updated.
- Release Date: January 31, 2023
- Last Modified Date: March 11, 2025
* 44868: HTTP: Moodle SQL Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Detection logic updated.
- Release Date: October 08, 2024
- Last Modified Date: March 11, 2025
* 45069: HTTP: Fortinet FortiWeb gui_upload_compress_act Command Injection Vulnerability (ZDI-25-095)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "45069: ZDI-CAN-25180: Zero Day Initiative Vulnerability (Fortinet FortiWeb)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: November 12, 2024
- Last Modified Date: March 11, 2025
* 45070: HTTP: Fortinet FortiWeb cgi_grpc_idl_file_post Command Injection Vulnerability (ZDI-25-094)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "45070: ZDI-CAN-25182: Zero Day Initiative Vulnerability (Fortinet FortiWeb)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: November 12, 2024
- Last Modified Date: March 11, 2025
* 45096: HTTP: SonicWALL NSv Authentication Bypass Vulnerability (ZDI-25-012)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: November 19, 2024
- Last Modified Date: March 11, 2025
Modified Filters (metadata changes only):
* = Enabled in Default deployments
* 44037: HTTP: Apple Safari B3 JIT Compiler Integer Underflow Vulnerability (Pwn2Own ZDI-25-092)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44037: PWN2OWN ZDI-CAN-23795: Zero Day Initiative Vulnerability (Apple Safari)".
- Description updated.
- Vulnerability references updated.
- Release Date: March 26, 2024
- Last Modified Date: March 11, 2025
44574: HTTP: Microsoft Windows MSHTML Platform Spoofing Vulnerability (ZDI-24-1207,ZDI-24-1658,ZDI-25-090)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44574: HTTP: Microsoft Windows MSHTML Platform Spoofing Vulnerability (ZDI-24-1207,ZDI-24-1658)".
- Description updated.
- Vulnerability references updated.
- Release Date: August 06, 2024
- Last Modified Date: March 11, 2025
44936: HTTP: PostHog database_schema Server-Side Request Forgery Vulnerability (ZDI-24-1383)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Description updated.
- Vulnerability references updated.
- Release Date: October 22, 2024
- Last Modified Date: March 11, 2025
44950: HTTP: PostHog slack_incoming_webhook Server-Side Request Forgery Vulnerability (ZDI-25-096)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44950: ZDI-CAN-25352: Zero Day Initiative Vulnerability (PostHog)".
- Severity changed from "Critical" to "High".
- Description updated.
- Vulnerability references updated.
- Release Date: October 22, 2024
- Last Modified Date: March 11, 2025
* 45302: HTTP: Pandas DataFrame Query Command Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Description updated.
- Vulnerability references updated.
- Release Date: January 14, 2025
- Last Modified Date: March 11, 2025
45482: HTTP: Suspicious PKZIP Archive Containing MMC files
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Miscellaneous modification.
- Release Date: February 25, 2025
- Last Modified Date: March 11, 2025
Removed Filters: None