New Filters:

    45429: HTTP: Microsoft Configuration Manager SQL Injection Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a SQL injection vulnerability in Microsoft Configuration Manager.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Evaluation (Permit / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2024-43468 CVSS 8.8
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: February 25, 2025

    45436: HTTP: Microsoft Configuration Manager CCM_POST Request Detection
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Security Policy
      - Severity: Low
      - Description: This filter detects a suspicious CCM_POST Request in Microsoft Configuration Manager.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Common Vulnerabilities and Exposures: CVE-2024-43468 CVSS 8.8
      - Classification: Security Policy - Other
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: February 25, 2025

    45465: HTTP: Gogs Repository Contents API Path Traversal Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: High
      - Description: This filter detects an attempt to exploit a path traversal vulnerability in Gogs Repository.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2024-55947 CVSS 8.9
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: February 25, 2025

    45466: HTTP: JetBrains TeamCity Vault Connection Stored Cross-Site Scripting Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a stored cross-site scripting vulnerability in JetBrains TeamCity.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2025-24459 CVSS 4.7
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: February 25, 2025

    45467: ZDI-CAN-26233: Zero Day Initiative Vulnerability (Ashlar-Vellum Cobalt)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: Not available.
      - Requires: IPS N-Platform, NX-Platform, or TPS models.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter protects against the exploitation of a zero-day vulnerability affecting Ashlar-Vellum Cobalt.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: February 25, 2025

    45468: ZDI-CAN-26235: Zero Day Initiative Vulnerability (Ashlar-Vellum Cobalt)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: Not available.
      - Requires: IPS N-Platform, NX-Platform, or TPS models.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter protects against the exploitation of a zero-day vulnerability affecting Ashlar-Vellum Cobalt.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: February 25, 2025

    45470: ZDI-CAN-26053: Zero Day Initiative Vulnerability (Ashlar-Vellum Cobalt)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: Not available.
      - Requires: IPS N-Platform, NX-Platform, or TPS models.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter protects against the exploitation of a zero-day vulnerability affecting Ashlar-Vellum Cobalt.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: February 25, 2025

    45471: ZDI-CAN-26236: Zero Day Initiative Vulnerability (Ashlar-Vellum Cobalt)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: Not available.
      - Requires: IPS N-Platform, NX-Platform, or TPS models.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter protects against the exploitation of a zero-day vulnerability affecting Ashlar-Vellum Cobalt.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: February 25, 2025

    45472: ZDI-CAN-26237: Zero Day Initiative Vulnerability (Ashlar-Vellum Cobalt)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: Not available.
      - Requires: IPS N-Platform, NX-Platform, or TPS models.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter protects against the exploitation of a zero-day vulnerability affecting Ashlar-Vellum Cobalt.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: February 25, 2025

    45473: HTTP: WordPress Super Backup & Clone - Migrate Plugin Arbitrary File Upload Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit an arbitrary file upload vulnerability in the Super Backup & Clone - Migrate plugin for WordPress.
      - Deployments:
        - Deployment: Default (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2024-56064
      - Classification: Vulnerability - Other
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: February 25, 2025

    45474: HTTP: Spring Frameworks URL Parsing Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: High
      - Description: This filter detects an attempt to exploit a URL parsing vulnerability in Spring Frameworks.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2024-22243
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: February 25, 2025

    45476: HTTP: C-Data Wi-Fi Web Management System jumpto.php Usage
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Security Policy
      - Severity: Low
      - Description: This filter detects jumpto.php usage in C-Data Wi-Fi Web.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Common Vulnerabilities and Exposures: CVE-2022-4257
      - Classification: Security Policy - Other
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: February 25, 2025

    45477: HTTP: ProjectSend Unsafe Configuration Setting Detected
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Security Policy
      - Severity: Moderate
      - Description: This filter detects an attempt to update to an unsafe configuration in ProjectSend.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Common Vulnerabilities and Exposures: CVE-2024-11680 CVSS 9.8
      - Classification: Security Policy - Other
      - Protocol: HTTP
      - Platform: Other Server Application or Service
      - Release Date: February 25, 2025

    45478: HTTP: WordPress Beautiful Taxonomy Filters Plugin SQL Injection Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a command injection vulnerability in the WordPress Beautiful Taxonomy Filters plugin.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2024-12270 CVSS 7.5
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: February 25, 2025

    45479: HTTP: WordPress Umbrella Update Backup Restore & Monitoring Plugin LFI Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a local file inclusion vulnerability in the WordPress Umbrella Update Backup Restore & Monitoring plugin.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2024-12209 CVSS 9.8
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: February 25, 2025

    45480: HTTP: WordPress Swift Performance Lite Plugin PHP Local File Inclusion Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a local file inclusion vulnerability in the WordPress Swift Performance Lite plugin.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2024-10516 CVSS 8.1
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: February 25, 2025

    45482: HTTP: Suspicious PKZIP Archive Containing MMC files
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Security Policy
      - Severity: Moderate
      - Description: This filter detects the presence of .msc files in a PKZip archive.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - Classification: Security Policy - Other
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: February 25, 2025

    45483: HTTP: Swagger UI OpenAI JSON/YAML Spoofing Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a spoofing vulnerability in Swagger UI.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Common Vulnerabilities and Exposures: CVE-2018-25031
      - Classification: Vulnerability - Access Validation
      - Protocol: HTTP
      - Platform: Other Server Application or Service
      - Release Date: February 25, 2025

    45484: TCP: Node.js vm2 Sandbox Escape Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a sandbox escape vulnerability in Node.js vm2.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2023-32314
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: TCP (Generic)
      - Platform: Multi-Platform Server Application or Service
      - Release Date: February 25, 2025

    45485: HTTP: PHPGurukul Small CRM SQL Injection Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a SQL injection vulnerability in PHPGurukul Small CRM.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Evaluation (Permit / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2024-3690
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: February 25, 2025

    45486: HTTP: NetAlertX Command Injection Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a command injection vulnerability in NetAlertX.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Evaluation (Permit / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2024-46506
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: February 25, 2025

    45487: HTTP: Microsoft Windows NTLM Hash Disclosure Spoofing Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a security feature bypass vulnerability in Microsoft Windows.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Evaluation (Permit / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2025-21377
      - Classification: Vulnerability - Other
      - Protocol: HTTP
      - Platform: Windows Client Application
      - Release Date: February 25, 2025

    45488: HTTP: C-Data Wi-Fi Web Management System ping or tracert Remote Code Execution Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects a remote code execution vulnerability that has been reported in C-Data Wi-Fi Web.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Evaluation (Permit / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2022-4257
      - Classification: Vulnerability - Other
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: February 25, 2025

Modified Filters (logic changes):
    * = Enabled in Default deployments

    * 43563: HTTP: Apache Struts 2 Code Execution Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Detection logic updated.
      - Release Date: December 19, 2023
      - Last Modified Date: February 25, 2025

    * 45164: HTTP: WordPress Quiz Maker ays_quiz_tab Cross-Site Scripting Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Detection logic updated.
      - Release Date: December 10, 2024
      - Last Modified Date: February 25, 2025

Modified Filters (metadata changes only):
    * = Enabled in Default deployments

    * 43701: HTTP: Microsoft Windows SmartScreen Internet Shortcut Security Bypass Vulnerability (ZDI-24-165,361)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Description updated.
      - Vulnerability references updated.
      - Release Date: January 17, 2024
      - Last Modified Date: February 25, 2025

    44054: HTTP: Siemens Tecnomatix Plant Simulation MODEL Out-Of-Bounds Write Vulnerability (ZDI-24-594)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "44054: ZDI-CAN-22974: Zero Day Initiative Vulnerability (Siemens Tecnomaticix Plant Simulation)".
      - Description updated.
      - Vulnerability references updated.
      - Release Date: April 02, 2024
      - Last Modified Date: February 25, 2025

Removed Filters: None