Table of Contents
--------------------------
  New Filters - 13
  Modified Filters (logic changes) - 11
  Modified Filters (metadata changes only) - 12
  Removed Filters - 0
  New Filters: 

    45285: HTTP: Apache Shiro Authentication Bypass Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: High
      - Description: This filter detects an attempt to exploit an authentication bypass vulnerability in Apache Shiro.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2020-13933 CVSS 5.0
      - Classification: Vulnerability - Access Validation
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: January 21, 2025

    45291: HTTP: Cacti Group Cacti links.php title Stored Cross-Site Scripting Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a cross-site scripting vulnerability in Cacti Group Cacti.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2024-43364 CVSS 8.9
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: January 21, 2025

    45292: HTTP: QNAP HBS 3 Hybrid Backup Sync Command Injection Vulnerability 
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a command injection vulnerability in QNAP HBS 3 Hybrid Backup Sync.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2024-50388 CVSS 8.7
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: January 21, 2025

    45293: RSYNC: QNAP HBS 3 Hybrid Backup Sync Command Injection Vulnerability 
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a command injection vulnerability in QNAP HBS 3 Hybrid Backup Sync.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2024-50388 CVSS 8.7
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: January 21, 2025

    45294: HTTP: Rockwell Automation ThinManager ThinServer.exe API Directory Traversal Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a directory traversal vulnerability in Rockwell Automation ThinManager.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2024-45826 CVSS 6.3
      - Classification: Vulnerability - Other
      - Protocol: TCP (Generic)
      - Platform: Multi-Platform Server Application or Service
      - Release Date: January 21, 2025

    45304: HTTP: Suspicious Transfer-Encoding Content-Length Header
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Security Policy
      - Severity: Low
      - Description: This filter detects a Content-Length header and a Transfer-Encoding header in an HTTP request.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Common Vulnerabilities and Exposures: CVE-2017-7658
      - Classification: Security Policy - Other
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: January 21, 2025

    45305: HTTP: Chamilo Arbitrary File Upload Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit an arbitrary file upload vulnerability in Chamilo.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Evaluation (Permit / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2023-4220
      - Classification: Vulnerability - Other
      - Protocol: HTTP
      - Platform: Multi-Platform Client Application
      - Release Date: January 21, 2025

    45307: HTTP: Judge0 Sandbox Escape Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a sandbox escape vulnerability in Judge0.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Evaluation (Permit / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2024-28189
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Multi-Platform Client Application
      - Release Date: January 21, 2025

    45308: HTTP: Zoho ManageEngine Analytics Plus getOAToken Request
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Security Policy
      - Severity: Moderate
      - Description: This filter detects an attempt to request an admin user token from Zoho ManageEngine Analytics Plus.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Common Vulnerabilities and Exposures: CVE-2024-52323 CVSS 8.8
        - Zero Day Initiative: ZDI-24-1676
      - Classification: Security Policy - Other
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: January 21, 2025

    45309: HTTP: Apache Traffic Control Traffic Ops SQL Injection Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a SQL injection vulnerability in Apache Traffic Control Traffic Ops.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Evaluation (Permit / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2024-45387 CVSS 9.9
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: January 21, 2025

    45311: HTTP: Cerio Router Command Injection Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: Moderate
      - Description: This filter detects an attempt to exploit a command injection vulnerability in a Cerio Router web interface.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Common Vulnerabilities and Exposures: CVE-2018-18852
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: January 21, 2025

    45322: HTTP: Tongda Office Anywhere (OA) delete_log.php SQL Injection Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a SQL injection vulnerability in Tongda Office Anywhere.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Evaluation (Permit / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2023-4166 CVSS 9.8
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: January 21, 2025

    45323: HTTP: Chamilo wsConvertPpt Command Injection Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a command injection vulnerability in Chamilo.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Evaluation (Permit / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2023-34960 CVSS 9.8
      - Classification: Vulnerability - Other
      - Protocol: HTTP
      - Platform: Multi-Platform Client Application
      - Release Date: January 21, 2025

  Modified Filters (logic changes):
    * = Enabled in Default deployments

    * 3959: HTTP: Cross-Site Scripting (Cookie Manipulation)
      - IPS Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: March 20, 2006
      - Last Modified Date: January 21, 2025

    * 44034: HTTP: Google Chrome VideoFrame Use-After-Free Vulnerability (Pwn2Own ZDI-25-027)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "44034: PWN2OWN ZDI-CAN-23793: Zero Day Initiative Vulnerability (Chromium)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: March 26, 2024
      - Last Modified Date: January 21, 2025

    44290: HTTP: XWiki.org XWiki SolrSearchMacros text Command Injection Vulnerability (ZDI-24-1697)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "44290: ZDI-CAN-23994: Zero Day Initiative Vulnerability (XWiki.org XWiki)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: June 04, 2024
      - Last Modified Date: January 21, 2025

    * 44382: HTTP: Ivanti Endpoint Manager SQL Injection Vulnerability (ZDI-24-1213,1215,1217-1219,1221)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: June 18, 2024
      - Last Modified Date: January 21, 2025

    44401: HTTP: GFI Archiver Telerik Web UI Remote Code Execution Vulnerability (ZDI-24-1671)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "44401: ZDI-CAN-24041: Zero Day Initiative Vulnerability (GFI Archiver)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: June 18, 2024
      - Last Modified Date: January 21, 2025

    44582: HTTP: Veritas Enterprise Vault Deserialization Vulnerability (ZDI-24-1663,1665,1666,1667,1668)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "44582: ZDI-CAN-24336,24339,24341,24344,24405: Zero Day Initiative Vulnerability (Veritas Enterprise Vault)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: August 06, 2024
      - Last Modified Date: January 21, 2025

    * 44600: ZDI-CAN-24571: Zero Day Initiative Vulnerability (Trend Micro Apex One)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: Not available.
      - Requires: IPS N-Platform, NX-Platform, or TPS models.
      - Detection logic updated.
      - Release Date: September 03, 2024
      - Last Modified Date: January 21, 2025

    44888: TCP: HPE Insight Remote Support DESTA Service Insecure Deserialization Vulnerability (ZDI-24-1636)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "44888: ZDI-CAN-24812: Zero Day Initiative Vulnerability (Hewlett Packard Enterprise Insight Remote Support)".
      - Severity changed from "High" to "Critical".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: October 15, 2024
      - Last Modified Date: January 21, 2025

    44889: HTTP: HPE Insight Remote Support getDocumentRootElement XML External Entity Processing (ZDI-24-1637)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "44889: ZDI-CAN-24813: Zero Day Initiative Vulnerability (Hewlett Packard Enterprise Insight Remote Support)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: October 15, 2024
      - Last Modified Date: January 21, 2025

    44890: HTTP: HPE Insight Remote Support validateAgainstXSD XML External Entity Processing (ZDI-24-1638)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "44890: ZDI-CAN-24814: Zero Day Initiative Vulnerability (Hewlett Packard Enterprise Insight Remote Support)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: October 15, 2024
      - Last Modified Date: January 21, 2025

    44891: HTTP: HPE Insight Remote Support processAtatchmentDataStream Directory Traversal (ZDI-24-1639)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "44891: ZDI-CAN-25161: Zero Day Initiative Vulnerability (Hewlett Packard Enterprise Insight Remote Support)".
      - Severity changed from "High" to "Critical".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: October 15, 2024
      - Last Modified Date: January 21, 2025

  Modified Filters (metadata changes only):
    * = Enabled in Default deployments

    3543: HTTP: Content-Length Header Anomaly
      - IPS Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Description updated.
      - Vulnerability references updated.
      - Release Date: December 31, 2005
      - Last Modified Date: January 21, 2025

    44080: HTTP: Paessler PRTG Network Monitor SNMP Cross-Site Scripting Vulnerability (ZDI-24-1736)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "44080: ZDI-CAN-23371: Zero Day Initiative Vulnerability (Paessler PRTG Network Monitor)".
      - Description updated.
      - Vulnerability references updated.
      - Release Date: April 09, 2024
      - Last Modified Date: January 21, 2025

    44608: HTTP: Ashlar-Vellum Cobalt CO File Parsing Out-Of-Bounds Write Vulnerability (ZDI-24-1730)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "44608: ZDI-CAN-24867: Zero Day Initiative Vulnerability (Ashlar-Vellum Cobalt)".
      - Description updated.
      - Vulnerability references updated.
      - Release Date: August 20, 2024
      - Last Modified Date: January 21, 2025

    44609: HTTP: Ashlar-Vellum Cobalt AR File Parsing Out-Of-Bounds Write Vulnerability (ZDI-24-1728)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "44609: ZDI-CAN-24870: Zero Day Initiative Vulnerability (Ashlar-Vellum Cobalt)".
      - Description updated.
      - Vulnerability references updated.
      - Release Date: August 20, 2024
      - Last Modified Date: January 21, 2025

    44651: HTTP: Delta Electronics DRASimuCAD STP File Parsing Type Confusion Vulnerability (ZDI-24-1722)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "44651: ZDI-CAN-22414: Zero Day Initiative Vulnerability (Delta Electronics DRASimuCAD)".
      - Description updated.
      - Vulnerability references updated.
      - Release Date: August 20, 2024
      - Last Modified Date: January 21, 2025

    44652: HTTP: Delta Electronics DRASimuCAD ICS File Parsing Out-Of-Bounds Write Vulnerability (ZDI-24-1723)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "44652: ZDI-CAN-22415: Zero Day Initiative Vulnerability (Delta Electronics DRASimuCAD)".
      - Description updated.
      - Vulnerability references updated.
      - Release Date: August 20, 2024
      - Last Modified Date: January 21, 2025

    44653: HTTP: Delta Electronics DRASimuCAD STP File Parsing Type Confusion Vulnerability (ZDI-24-1724)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "44653: ZDI-CAN-22450: Zero Day Initiative Vulnerability (Delta Electronics DRASimuCAD)".
      - Description updated.
      - Vulnerability references updated.
      - Release Date: August 20, 2024
      - Last Modified Date: January 21, 2025

    44683: HTTP: AutomationDirect C-More EA9 EAP9 File Parsing Buffer Overflow Vulnerability (ZDI-24-1673)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "44683: ZDI-CAN-24772: Zero Day Initiative Vulnerability (AutomationDirect C-More EA9)".
      - Description updated.
      - Vulnerability references updated.
      - Release Date: August 20, 2024
      - Last Modified Date: January 21, 2025

    44684: HTTP: AutomationDirect C-More EA9 EAP9 File Parsing Memory Corruption Vulnerability (ZDI-24-1674)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "44684: ZDI-CAN-24773: Zero Day Initiative Vulnerability (AutomationDirect C-More EA9)".
      - Description updated.
      - Vulnerability references updated.
      - Release Date: August 20, 2024
      - Last Modified Date: January 21, 2025

    44685: HTTP: AutomationDirect C-More EA9 EAP9 File Parsing Memory Corruption Vulnerability (ZDI-24-1675)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "44685: ZDI-CAN-24774: Zero Day Initiative Vulnerability (AutomationDirect C-More EA9)".
      - Description updated.
      - Vulnerability references updated.
      - Release Date: August 20, 2024
      - Last Modified Date: January 21, 2025

    44686: HTTP: Ashlar-Vellum Cobalt CO File Parsing Type Confusion Vulnerability (ZDI-24-1731)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "44686: ZDI-CAN-24843: Zero Day Initiative Vulnerability (Ashlar-Vellum Cobalt)".
      - Description updated.
      - Vulnerability references updated.
      - Release Date: August 20, 2024
      - Last Modified Date: January 21, 2025

    44777: HTTP: Delta Electronics CNCSoft-G2 DPAX Heap-based Buffer Overflow Vulnerability (ZDI-24-1656)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "44777: ZDI-CAN-25292: Zero Day Initiative Vulnerability (Delta Electronics CNCSoft-G2)".
      - Description updated.
      - Vulnerability references updated.
      - Release Date: September 17, 2024
      - Last Modified Date: January 21, 2025

  Removed Filters: None