New Filters:
45672: HTTP: Ivanti Endpoint Manager GetFilePath Directory Traversal Vulnerability (ZDI-24-1505)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a directory traversal vulnerability in Ivanti Endpoint Manager.
- Deployments:
- Deployment: Security-Optimized (Permit / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-50324 CVSS 7.7
- Zero Day Initiative: ZDI-24-1505
- Classification: Vulnerability - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: April 08, 2025
45674: HTTP: Ivanti Endpoint Manager OnSaveToDB Directory Traversal Vulnerability (ZDI-24-1503)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a directory traversal vulnerability in Ivanti Endpoint Manager.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-50322 CVSS 7.7
- Zero Day Initiative: ZDI-24-1503
- Classification: Vulnerability - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: April 08, 2025
45675: HTTP: Eramba Command Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a command injection vulnerability in Eramba.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2023-36255
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: April 08, 2025
45677: ZDI-CAN-25806: Zero Day Initiative Vulnerability (Samsung MagicINFO 9 Server)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Samsung MagicINFO 9 Server.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: April 08, 2025
45678: ZDI-CAN-25807: Zero Day Initiative Vulnerability (Samsung MagicINFO 9 Server)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Samsung MagicINFO 9 Server.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: April 08, 2025
45679: ZDI-CAN-25809: Zero Day Initiative Vulnerability (Samsung MagicINFO 9 Server)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Samsung MagicINFO 9 Server.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: April 08, 2025
45680: ZDI-CAN-26519: Zero Day Initiative Vulnerability (Samsung MagicINFO 9 Server)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Samsung MagicINFO 9 Server.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: April 08, 2025
45681: HTTP: LibreNMS Device Port Settings Description Stored Cross-Site Scripting Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: High
- Description: This filter detects an attempt to exploit a cross-site scripting vulnerability in LibreNMS.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2025-23199 CVSS 7.6
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: April 08, 2025
45682: HTTP: CrushFTP Authentication Bypass Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit an authentication bypass vulnerability in CrushFTP.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Evaluation (Permit / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2025-2825
- Classification: Vulnerability - Access Validation
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: April 08, 2025
45683: HTTP: Apache Xalan Code Execution Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Exploits
- Severity: Critical
- Description: This filter detects an attempt to exploit a code execution vulnerability in Apache Xalan.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Evaluation (Permit / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2022-34169
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: April 08, 2025
45686: ZDI-CAN-25892: Zero Day Initiative Vulnerability (Vacron Camera)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Vacron Camera.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: April 08, 2025
45691: RPC: Microsoft Windows Remote Desktop Licensing Service Information Disclosure Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit an information disclosure vulnerability in Microsoft Windows.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Evaluation (Permit / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-38258
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: MS-RPC
- Platform: Windows Client Application
- Release Date: April 08, 2025
45692: LDAP: Microsoft Windows Lightweight Directory Access Protocol Use-After-Free Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Exploits
- Severity: High
- Description: This filter detects an attempt to exploit a use-after-free vulnerability in Microsoft Windows Lightweight Directory Access Protocol.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-49127
- Classification: Vulnerability - Other
- Protocol: LDAP
- Platform: Windows Server Application or Service
- Release Date: April 08, 2025
45693: ZDI-CAN-26342: Zero Day Initiative Vulnerability (Adobe Acrobat Reader DC)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Adobe Acrobat Reader DC.
- Deployments:
- Deployment: Default (Block / Notify / Trace)
- Deployment: Evaluation (Permit / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: April 08, 2025
45695: HTTP: Ivanti Connect Secure X-Forwarded-For Header Buffer Overflow Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a buffer overflow vulnerability in Ivanti Connect Secure.
- Deployments:
- Deployment: Default (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2025-22457 CVSS 9.0
- Classification: Vulnerability - Buffer/Heap Overflow
- Protocol: HTTP
- Platform: Networked Hardware Device Application or Service
- Release Date: April 08, 2025
Modified Filters (logic changes):
* = Enabled in Default deployments
24705: TCP: ysoserial Java Deserialization Tool Usage (ZDI-17-953)
- IPS Version: 3.1.3 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.
- Release Date: July 05, 2016
- Last Modified Date: April 08, 2025
* 42955: HTTP: Adobe ColdFusion Improper Access Control Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Detection logic updated.
- Release Date: July 18, 2023
- Last Modified Date: April 08, 2025
44389: HTTP: Ivanti Endpoint Manager OnSaveToDB Directory Traversal Vulnerability (ZDI-24-1503)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: June 18, 2024
- Last Modified Date: April 08, 2025
* 44744: HTTP: Ivanti Endpoint Manager GetFilePath Directory Traversal Vulnerability (ZDI-24-1505)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: September 17, 2024
- Last Modified Date: April 08, 2025
45301: TCP: Kerberos Suspicious krbtgt Ticket Request
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: January 14, 2025
- Last Modified Date: April 08, 2025
45610: ZDI-CAN-25804: Zero Day Initiative Vulnerability (Samsung MagicINFO 9 Server)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Detection logic updated.
- Release Date: April 01, 2025
- Last Modified Date: April 08, 2025
Modified Filters (metadata changes only): None
Removed Filters: None