New Filters:

45143: TCP: Ivanti Avalanche InfoRail Denial-of-Service Vulnerability (ZDI-24-1491)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Category: Vulnerabilities
  - Severity: High
  - Description: This filter detects an attempt to exploit a denial-of-service vulnerability in Ivanti Avalanche Enterprise Service.
  - Deployment: Not enabled by default in any deployment.
  - References:
    - Common Vulnerabilities and Exposures: CVE-2024-50320
    - Zero Day Initiative: ZDI-24-1491
  - Classification: Vulnerability - Denial of Service (Crash/Reboot)
  - Protocol: TCP (Generic)
  - Platform: Multi-Platform Server Application or Service
  - Release Date: December 17, 2024

45167: HTTP: Raisecom Gateway Command Injection Vulnerability
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Category: Vulnerabilities
  - Severity: Critical
  - Description: This filter detects an attempt to exploit a command injection vulnerability in Raisecom.
  - Deployments:
    - Deployment: Default (Block / Notify)
    - Deployment: Evaluation (Permit / Notify)
  - References:
    - Common Vulnerabilities and Exposures: CVE-2024-7120
  - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
  - Protocol: HTTP
  - Platform: Other Server Application or Service
  - Release Date: December 17, 2024

45168: HTTP: Jeecg-Boot SQL Injection Vulnerability
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Category: Exploits
  - Severity: High
  - Description: This filter detects an attempt to exploit a SQL injection vulnerability in Jeecg-Boot.
  - Deployments:
    - Deployment: Default (Block / Notify)
    - Deployment: Evaluation (Permit / Notify)
  - References:
    - Common Vulnerabilities and Exposures: CVE-2023-38992
  - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
  - Protocol: HTTP
  - Platform: Multi-Platform Server Application or Service
  - Release Date: December 17, 2024

45170: HTTP: WordPress Contact Form 7 File Stored Cross-Site Scripting Vulnerability
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Category: Vulnerabilities
  - Severity: Critical
  - Description: This filter detects an attempt to exploit a file upload vulnerability in the WordPress Contact Form 7 plugin.
  - Deployments:
    - Deployment: Security-Optimized (Block / Notify)
  - References:
    - Common Vulnerabilities and Exposures: CVE-2022-0595
  - Classification: Vulnerability - Other
  - Protocol: HTTP
  - Platform: Multi-Platform Server Application or Service
  - Release Date: December 17, 2024

45174: ZDI-CAN-25713: Zero Day Initiative Vulnerability (Ivanti Avalanche)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: Not available.
  - Requires: IPS N-Platform, NX-Platform, or TPS models.
  - Category: Vulnerabilities
  - Severity: Critical
  - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Ivanti Avalanche.
  - Deployments:
    - Deployment: Security-Optimized (Block / Notify / Trace)
  - Classification: Vulnerability - Other
  - Protocol: Other Protocol
  - Platform: Other Server Application or Service
  - Release Date: December 17, 2024

45179: PWN2OWN ZDI-CAN-25606: Zero Day Initiative Vulnerability (Sonos Era 300)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: Not available.
  - Requires: IPS N-Platform, NX-Platform, or TPS models.
  - Category: Vulnerabilities
  - Severity: Critical
  - Description: This filter protects against exploitation of a zero-day vulnerability affecting Sonos Era 300.
  - Deployments:
    - Deployment: Security-Optimized (Block / Notify / Trace)
  - Classification: Vulnerability - Other
  - Protocol: Other Protocol
  - Platform: Other Server Application or Service
  - Release Date: December 17, 2024

45186: PWN2OWN ZDI-CAN-25613: Zero Day Initiative Vulnerability (Synology BeeStation BST150-4T)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: Not available.
  - Requires: IPS N-Platform, NX-Platform, or TPS models.
  - Category: Vulnerabilities
  - Severity: Critical
  - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Synology BeeStation BST150-4T.
  - Deployments:
    - Deployment: Security-Optimized (Block / Notify / Trace)
  - Classification: Vulnerability - Other
  - Protocol: Other Protocol
  - Platform: Other Server Application or Service
  - Release Date: December 17, 2024

45187: PWN2OWN ZDI-CAN-25623: Zero Day Initiative Vulnerability (Synology BeeStation BST150-4T)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: Not available.
  - Requires: IPS N-Platform, NX-Platform, or TPS models.
  - Category: Vulnerabilities
  - Severity: Critical
  - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Synology BeeStation BST150-4T.
  - Deployments:
    - Deployment: Security-Optimized (Block / Notify / Trace)
  - Classification: Vulnerability - Other
  - Protocol: Other Protocol
  - Platform: Other Server Application or Service
  - Release Date: December 17, 2024

45188: PWN2OWN ZDI-CAN-25658: Zero Day Initiative Vulnerability (Synology BeeStation BST150-4T)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: Not available.
  - Requires: IPS N-Platform, NX-Platform, or TPS models.
  - Category: Vulnerabilities
  - Severity: Critical
  - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Synology BeeStation BST150-4T.
  - Deployments:
    - Deployment: Security-Optimized (Block / Notify / Trace)
  - Classification: Vulnerability - Other
  - Protocol: Other Protocol
  - Platform: Other Server Application or Service
  - Release Date: December 17, 2024

45192: PWN2OWN ZDI-CAN-25482: Zero Day Initiative Vulnerability (QNAP TS-464)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: Not available.
  - Requires: IPS N-Platform, NX-Platform, or TPS models.
  - Category: Vulnerabilities
  - Severity: Critical
  - Description: This filter protects against exploitation of a zero-day vulnerability affecting QNAP TS-464.
  - Deployments:
    - Deployment: Default (Block / Notify / Trace)
    - Deployment: Evaluation (Permit / Notify / Trace)
  - Classification: Vulnerability - Other
  - Protocol: Other Protocol
  - Platform: Other Server Application or Service
  - Release Date: December 17, 2024

45193: HTTP: Cleo Managed File Transfer Lexicom, VLTransfer, and Harmony Directory Traversal Vulnerability
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Category: Vulnerabilities
  - Severity: Critical
  - Description: This filter detects an attempt to exploit a directory traversal vulnerability in Cleo Managed File Transfer software including the applications LexiCom, VLTransfer, and Harmony.
  - Deployments:
    - Deployment: Default (Block / Notify)
    - Deployment: Evaluation (Permit / Notify)
  - References:
    - Common Vulnerabilities and Exposures: CVE-2024-50623
  - Classification: Vulnerability - Other
  - Protocol: HTTP
  - Platform: Multi-Platform Server Application or Service
  - Release Date: December 17, 2024

Modified Filters (logic changes):
* = Enabled in Default deployments

43943: HTTP: Centreon updateServiceHost_MC SQL Injection Vulnerability (ZDI-24-595,ZDI-24-596,ZDI-24-899)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Detection logic updated.
  - Vulnerability references updated.
  - Release Date: March 05, 2024
  - Last Modified Date: December 17, 2024

44995: PWN2OWN ZDI-CAN-25607: Zero Day Initiative Vulnerability (Synology DiskStation DS1823xs+)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: Not available.
  - Requires: IPS N-Platform, NX-Platform, or TPS models.
  - Detection logic updated.
  - Release Date: October 29, 2024
  - Last Modified Date: December 17, 2024

* 45010: PWN2OWN ZDI-CAN-25581: Zero Day Initiative Vulnerability (Samsung Galaxy S24)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: Not available.
  - Requires: IPS N-Platform, NX-Platform, or TPS models.
  - Detection logic updated.
  - Release Date: October 29, 2024
  - Last Modified Date: December 17, 2024

* 45015: PWN2OWN ZDI-CAN-25672: Zero Day Initiative Vulnerability (QNAP Qhora-322)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: Not available.
  - Requires: IPS N-Platform, NX-Platform, or TPS models.
  - Detection logic updated.
  - Release Date: October 29, 2024
  - Last Modified Date: December 17, 2024

Modified Filters (metadata changes only):
* = Enabled in Default deployments

44611: HTTP: Fuji Electric Tellus Lite V-Simulator 5 V8 Buffer Overflow Vulnerability (ZDI-24-1625)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Name changed from "44611: ZDI-CAN-24664: Zero Day Initiative Vulnerability (Fuji Electric Tellus Lite V-Simulator 5)".
  - Description updated.
  - Vulnerability references updated.
  - Release Date: August 13, 2024
  - Last Modified Date: December 17, 2024

44629: HTTP: Fuji Electric Tellus Lite V-Simulator 5 V8 Buffer Overflow Vulnerability (ZDI-24-1626)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Name changed from "44629: ZDI-CAN-24768: Zero Day Initiative Vulnerability (Fuji Electric Tellus Lite V-Simulator 5)".
  - Description updated.
  - Vulnerability references updated.
  - Release Date: August 13, 2024
  - Last Modified Date: December 17, 2024

44630: HTTP: Fuji Electric Tellus Lite V-Simulator 5 V8 Out-Of-Bounds Write Vulnerability (ZDI-24-1627)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Name changed from "44630: ZDI-CAN-24769: Zero Day Initiative Vulnerability (Fuji Electric Tellus Lite V-Simulator 5)".
  - Description updated.
  - Vulnerability references updated.
  - Release Date: August 13, 2024
  - Last Modified Date: December 17, 2024

44631: HTTP: Fuji Electric Tellus Lite V-Simulator 5 V8 Buffer Overflow Vulnerability (ZDI-24-1628)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Name changed from "44631: ZDI-CAN-24770: Zero Day Initiative Vulnerability (Fuji Electric Tellus Lite V-Simulator 5)".
  - Description updated.
  - Vulnerability references updated.
  - Release Date: August 13, 2024
  - Last Modified Date: December 17, 2024

44633: HTTP: Fuji Electric Tellus Lite V-Simulator Out-Of-Bounds Write Vulnerability (ZDI-24-1629)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Name changed from "44633: ZDI-CAN-24771: Zero Day Initiative Vulnerability (Fuji Electric Tellus Lite V-Simulator 5)".
  - Description updated.
  - Vulnerability references updated.
  - Release Date: August 13, 2024
  - Last Modified Date: December 17, 2024

44634: HTTP: Fuji Electric Monitouch V-SFT V8 File Parsing Out-Of-Bounds Write Vulnerability (ZDI-24-1623)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Name changed from "44634: ZDI-CAN-24662: Zero Day Initiative Vulnerability (Fuji Electric Monitouch V-SFT)".
  - Description updated.
  - Vulnerability references updated.
  - Release Date: August 13, 2024
  - Last Modified Date: December 17, 2024

Removed Filters: None