New Filters:
45242: HTTP: Schneider Electric EcoStruxure DC Expert Upgrade Upload (ZDI-24-1417)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Security Policy
- Severity: Moderate
- Description: This filter detects an attempt to exploit an external entity processing vulnerability in Schneider Electric EcoStruxure.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-8531
- Zero Day Initiative: ZDI-24-1417
- Classification: Security Policy - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: January 28, 2025
45312: HTTP: WordPress Super Backup & Clone Plugin Unauthenticated Arbitrary File Upload Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a file upload vulnerability in the WordPress Super Backup & Clone Plugin.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-9290
- Classification: Vulnerability - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: January 28, 2025
45313: HTTP: Pandora FMS Command Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a command injection vulnerability in Pandora FMS.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Evaluation (Permit / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-11320
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: January 28, 2025
45324: HTTP: Mitel MiCollab NuPoint Unified Messaging Path Traversal Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: High
- Description: This filter detects an attempt to exploit a path traversal vulnerability in Mitel MiCollab NPM.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Evaluation (Permit / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-41713
- Classification: Vulnerability - Access Validation
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: January 28, 2025
45338: HTTP: Progress WhatsUp Gold SnmpExtendedActiveMonitor Directory Traversal Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: High
- Description: This filter detects an attempt to exploit a directory traversal vulnerability in Progress WhatsUp Gold.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-12105 CVSS 5.9
- Classification: Vulnerability - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: January 28, 2025
45339: HTTP: Apache Solr URL Path Handling Authentication Bypass Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit an authentication bypass vulnerability in Apache Solr.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-45216 CVSS 8.5
- Classification: Vulnerability - Access Validation
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: January 28, 2025
45341: HTTP: LibreNMS Device Display Name Stored Cross-Site Scripting Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a stored cross-site scripting vulnerability in LibreNMS.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-53457 CVSS 8.2
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: January 28, 2025
45342: HTTP: Ivanti Cloud Services Appliance removeCoreCertificate SQL Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a SQL injection vulnerability in Ivanti Cloud Services Appliance.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-11773 CVSS 7.9
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: January 28, 2025
45345: HTTP: WordPress White Label MS Plugin Cross-Site Scripting Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a cross-site scripting vulnerability in the WordPress White Label MS Plugin.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2022-0422
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: January 28, 2025
45349: LDAP: OpenLDAP back-sql LDAP Search SQL Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Exploits
- Severity: Critical
- Description: This filter detects an attempt to exploit a SQL injection vulnerability in OpenLDAP.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2022-29155
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: LDAP
- Platform: Multi-Platform Server Application or Service
- Release Date: January 28, 2025
45358: HTTP: SonicWall NGFW Buffer Overflow Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a buffer overflow vulnerability in SonicWall NGFW.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2022-22274, CVE-2023-0656
- Classification: Vulnerability - Buffer/Heap Overflow
- Protocol: HTTP
- Platform: Networked Hardware Device Application or Service
- Release Date: January 28, 2025
Modified Filters (logic changes):
* = Enabled in Default deployments
* 43563: HTTP: Apache Struts 2 Code Execution Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Detection logic updated.
- Release Date: December 19, 2023
- Last Modified Date: January 28, 2025
* 44702: HTTP: Progress Software WhatsUp Gold SQL Injection Vulnerability (ZDI-24-1684,1686,1687)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44702: ZDI-CAN-24638,24644,24647: Zero Day Initiative Vulnerability (Progress Software WhatsUp Gold)".
- Severity changed from "Critical" to "High".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: August 27, 2024
- Last Modified Date: January 28, 2025
44820: HTTP: Dell Avamar Fitness Analyzer API SQL Injection Vulnerability (ZDI-24-1690)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44820: ZDI-CAN-25065: Zero Day Initiative Vulnerability (Dell Avamar)".
- Severity changed from "Critical" to "High".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: September 24, 2024
- Last Modified Date: January 28, 2025
44821: HTTP: Dell Avamar Web Restore Login Action SQL Injection Vulnerability (ZDI-24-1693)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44821: ZDI-CAN-25066: Zero Day Initiative Vulnerability (Dell Avamar)".
- Severity changed from "Critical" to "High".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: September 24, 2024
- Last Modified Date: January 28, 2025
* 45094: HTTP: SonicWALL NSv SSH Management Server-Side Request Forgery Vulnerability (ZDI-25-013)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "45094: ZDI-CAN-24820: Zero Day Initiative Vulnerability (SonicWall NSv)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: November 19, 2024
- Last Modified Date: January 28, 2025
Modified Filters (metadata changes only):
* = Enabled in Default deployments
24705: TCP: ysoserial Java Deserialization Tool Usage (ZDI-17-953)
- IPS Version: 3.1.3 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Vulnerability references updated.
- Release Date: July 05, 2016
- Last Modified Date: January 28, 2025
44005: HTTP: Delta Electronics DTM Soft BIN Deserialization of Untrusted Data Vulnerability (ZDI-24-1721)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44005: ZDI-CAN-22331: Zero Day Initiative Vulnerability (Delta Electronics DTM Soft)".
- Description updated.
- Vulnerability references updated.
- Release Date: March 26, 2024
- Last Modified Date: January 28, 2025
44574: HTTP: Microsoft Windows MSHTML Platform Spoofing Vulnerability (ZDI-24-1207,ZDI-24-1658)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44574: HTTP: Microsoft Windows MSHTML Platform Spoofing Vulnerability (ZDI-24-1207)".
- Description updated.
- Vulnerability references updated.
- Release Date: August 06, 2024
- Last Modified Date: January 28, 2025
44739: HTTP: Ashlar-Vellum Cobalt XE File Parsing Out-Of-Bounds Write Vulnerability (ZDI-24-1732)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44739: ZDI-CAN-24844: Zero Day Initiative Vulnerability (Ashlar-Vellum Cobalt)".
- Description updated.
- Vulnerability references updated.
- Release Date: September 10, 2024
- Last Modified Date: January 28, 2025
44819: HTTP: Dell Avamar Fitness Analyzer API SQL Injection Vulnerability (ZDI-24-1689)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44819: ZDI-CAN-25064: Zero Day Initiative Vulnerability (Dell Avamar)".
- Severity changed from "Critical" to "High".
- Description updated.
- Vulnerability references updated.
- Release Date: September 24, 2024
- Last Modified Date: January 28, 2025
44822: HTTP: Dell Avamar Fitness Analyzer API SQL Injection Vulnerability (ZDI-24-1692)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44822: ZDI-CAN-25068: Zero Day Initiative Vulnerability (Dell Avamar)".
- Severity changed from "Critical" to "High".
- Description updated.
- Vulnerability references updated.
- Release Date: September 24, 2024
- Last Modified Date: January 28, 2025
44930: HTTP: Hugging Face Transformers MobileViTV2 Deserialization Vulnerability (ZDI-24-1513)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44930: ZDI-CAN-24322: Zero Day Initiative Vulnerability (Hugging Face Transformer)".
- Description updated.
- Vulnerability references updated.
- Release Date: October 15, 2024
- Last Modified Date: January 28, 2025
* 45096: HTTP: SonicWALL NSv Authentication Bypass Vulnerability (ZDI-25-012)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "45096: ZDI-CAN-24819: Zero Day Initiative Vulnerability (SonicWall NSv)".
- Description updated.
- Vulnerability references updated.
- Release Date: November 19, 2024
- Last Modified Date: January 28, 2025
* 45309: HTTP: Apache Traffic Control Traffic Ops SQL Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Description updated.
- Release Date: January 21, 2025
- Last Modified Date: January 28, 2025
Removed Filters:
11889: Backdoor: Poison Ivy Remote Administration Tool
- IPS Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Release Date: November 22, 2011
- Last Modified Date: January 10, 2017