Table of Contents
--------------------------
  New Filters - 13
  Modified Filters (logic changes) - 11
  Modified Filters (metadata changes only) - 2
  Removed Filters - 0
  New Filters: 

    42770: HTTP: WordPress Limit Login Attempts Plugin Stored Cross-Site Scripting Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a cross-site scripting vulnerability in the WordPress Limit Login Attempts plugin.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2023-1861
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: June 13, 2023

    42774: HTTP: mySCADA myPRO Command Injection Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a command injection vulnerability in mySCADA myPRO.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2023-28400
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: June 13, 2023

    42775: HTTP: WordPress Advanced Custom Fields Plugin post_status Cross-Site Scripting Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a cross-site scripting vulnerability in the WordPress Advanced Custom Fields plugin.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2023-30777
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: June 13, 2023

    42792: HTTP: Jenkins Sidebar Link Plugin icon Directory Traversal Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a directory traversal vulnerability in the Jenkins Sidebar Link Plugin.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2023-32985
      - Classification: Vulnerability - Access Validation
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: June 13, 2023

    42793: TCP: Ivanti Avalanche Enterprise Server GetSettings Authentication Bypass Vulnerability (ZDI-23-454)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit an authentication bypass vulnerability in Ivanti Avalanche Enterprise Server.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2023-28126
        - Zero Day Initiative: ZDI-23-454
      - Classification: Vulnerability - Access Validation
      - Protocol: TCP (Generic)
      - Platform: Multi-Platform Server Application or Service
      - Release Date: June 13, 2023

    42810: HTTP: WordPress Suspicious User-Agent Header Request
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Security Policy
      - Severity: Moderate
      - Description: This filter detects an HTTP request with a suspicious User-Agent header using the WordPress Shield Security plugin.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2023-0992 CVSS 8.7
      - Classification: Security Policy - Other
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: June 13, 2023

    42820: TCP: Microsoft Windows JET Database Engine Large Prefix Length
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Security Policy
      - Severity: Low
      - Description: This filter detects a large prefix usage in Microsoft JET Database.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Common Vulnerabilities and Exposures: CVE-2020-1074
      - Classification: Security Policy - Other
      - Protocol: TCP (Generic)
      - Platform: Windows Server Application or Service
      - Release Date: June 13, 2023

    42821: HTTP: SQL Injection (Content-Disposition Header)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Security Policy
      - Severity: Moderate
      - Description: This filter detects a SQL injection attack in which the Content-Disposition header of an HTTP request is used as an attack vector.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - Classification: Security Policy - Other
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: June 13, 2023

    42822: HTTP: Joomla Configuration Leak
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Security Policy
      - Severity: Moderate
      - Description: This filter detects a request to the application API endpoint for Joomla.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Common Vulnerabilities and Exposures: CVE-2023-23752
      - Classification: Security Policy - Other
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: June 13, 2023

    42836: HTTP: LB-Link Multiple Products Command Injection Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a command injection vulnerability in various LB-Link products.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2023-26801
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Networked Hardware Device Application or Service
      - Release Date: June 13, 2023

    42837: HTTP: Tenda G103 Command Injection Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a command injection vulnerability in Tenda G103.
      - Deployments:
        - Deployment: Default (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2023-27076
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Networked Hardware Device Application or Service
      - Release Date: June 13, 2023

    42838: HTTP: Zyxel Routers Code Execution Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a code execution vulnerability in multiple Zyxel products.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Networked Hardware Device Application or Service
      - Release Date: June 13, 2023

    42839: HTTP: Digital China Networks DCBI-Netlog-LAB Command Injection Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a command injection vulnerability in Digital China Networks DCBI-Netlog-LAB.
      - Deployments:
        - Deployment: Default (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2023-26802
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Networked Hardware Device Application or Service
      - Release Date: June 13, 2023

  Modified Filters (logic changes):
    * = Enabled in Default deployments

    35440: HTTP: Microsoft Windows JET Database Engine Out-Of-Bounds Write Vulnerability (ZDI-20-1128)
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: June 16, 2020
      - Last Modified Date: June 13, 2023

    40003: HTTP: Trend Micro Apex One Directory Traversal File Deletion Vulnerability
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "40003: ZDI-CAN-14457: Zero Day Initiative Vulnerability (Trend Micro Apex One)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: July 20, 2021
      - Last Modified Date: June 13, 2023

    40482: HTTP: WECON LeviStudioU XML File Parsing G_Picture Buffer Overflow Vulnerability
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "40482: ZDI-CAN-14935: Zero Day Initiative Vulnerability (WECON LeviStudioU)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: November 02, 2021
      - Last Modified Date: June 13, 2023

    40483: HTTP: WECON LeviStudioU HSC File General Tag WordAddr Buffer Overflow Vulnerability
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "40483: ZDI-CAN-15014: Zero Day Initiative Vulnerability (WECON LeviStudioU)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: November 02, 2021
      - Last Modified Date: June 13, 2023

    40484: HTTP: WECON LeviStudioU XML File Parsing MulStatus Tag szFilename Buffer Overflow Vulnerability
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "40484: ZDI-CAN-14937: Zero Day Initiative Vulnerability (WECON LeviStudioU)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: November 02, 2021
      - Last Modified Date: June 13, 2023

    41307: HTTP: Adobe Acrobat Reader DC Annotation Highlight delay Use-After-Free Vulnerability (ZDI-23-734)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "41307: ZDI-CAN-16873: Zero Day Initiative Vulnerability (Adobe Acrobat Reader DC)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: May 17, 2022
      - Last Modified Date: June 13, 2023

    41308: HTTP: Adobe Acrobat Reader DC Annotation popupOpen Use-After-Free Vulnerability (ZDI-23-735)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "41308: ZDI-CAN-16874: Zero Day Initiative Vulnerability (Adobe Acrobat Reader DC)".
      - Severity changed from "Critical" to "High".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: May 17, 2022
      - Last Modified Date: June 13, 2023

    41309: HTTP: Adobe Acrobat Reader DC Highlight Annotation noView Use-After-Free Vulnerability (ZDI-23-736)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "41309: ZDI-CAN-16875: Zero Day Initiative Vulnerability (Adobe Acrobat Reader DC)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: May 17, 2022
      - Last Modified Date: June 13, 2023

    * 42155: HTTP: Synology RT6600ax Command Injection Vulnerability (Pwn2Own ZDI-23-661)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "42155: PWN2OWN ZDI-CAN-19752: Zero Day Initiative Vulnerability (Synology RT6600ax)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Deployments updated and are now:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - Release Date: January 10, 2023
      - Last Modified Date: June 13, 2023

    * 42626: HTTP: PaperCut MF and NG SetupCompleted Authentication Bypass Vulnerability (ZDI-23-233)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Detection logic updated.
      - Release Date: April 25, 2023
      - Last Modified Date: June 13, 2023

    42646: HTTP: VMware Aria Operations for Logs Insecure Deserialization Vulnerability (ZDI-23-482)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category changed from "Exploits" to "Vulnerabilities".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: May 02, 2023
      - Last Modified Date: June 13, 2023

  Modified Filters (metadata changes only):
    * = Enabled in Default deployments

    39862: HTTP: Microsoft Windows Media Foundation Core Out-Of-Bounds Write Vulnerability
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "39862: ZDI-CAN-13693: Zero Day Initiative Vulnerability (Microsoft Windows Media Foundation)".
      - Description updated.
      - Vulnerability references updated.
      - Release Date: June 15, 2021
      - Last Modified Date: June 13, 2023

    40353: SMB: Trend Micro Apex One Named Pipe Denial-of-Service Vulnerability
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "40353: ZDI-CAN-14887,15138,15139,15140: Zero Day Initiative Vulnerability (Trend Micro Apex One)".
      - Description updated.
      - Vulnerability references updated.
      - Release Date: September 28, 2021
      - Last Modified Date: June 13, 2023

  Removed Filters: None