New Filters:
45489: HTTP: Netis Router MW5360 Password Reset Detected
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Security Policy
- Severity: Low
- Description: This filter detects a suspicious request in Netis Router MW5360.
- Deployment: Not enabled by default in any deployment.
- References:
- Common Vulnerabilities and Exposures: CVE-2024-48457
- Classification: Security Policy - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: March 04, 2025
45494: TCP: Microsoft Message Queuing Service Denial-of-Service Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Exploits
- Severity: Critical
- Description: This filter detects an attempt to exploit a denial-of-service vulnerability in Microsoft Message Queuing Service.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Evaluation (Permit / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2025-21277
- Classification: Vulnerability - Other
- Protocol: TCP (Generic)
- Platform: Windows Server Application or Service
- Release Date: March 04, 2025
45499: ZDI-CAN-25342: Zero Day Initiative Vulnerability (Trend Micro Worry-Free Business Security)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against exploitation of a zero-day vulnerability affecting Trend Micro Worry-Free Business Security.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: March 04, 2025
45500: ZDI-CAN-25954: Zero Day Initiative Vulnerability (Hewlett Packard Enterprise Insight Remote Support)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against exploitation of a zero-day vulnerability affecting Hewlett Packard Enterprise Insight Remote Support.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: March 04, 2025
45501: ZDI-CAN-26238: Zero Day Initiative Vulnerability (Ashlar-Vellum Cobalt)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Ashlar-Vellum Cobalt.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: March 04, 2025
45502: ZDI-CAN-26161: Zero Day Initiative Vulnerability (Delta Electronics DTM Soft)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Delta Electronics DTM Soft.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: March 04, 2025
45503: ZDI-CAN-26167: Zero Day Initiative Vulnerability (Delta Electronics CNCSoft-G2)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Delta Electronics CNCSoft-G2.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: March 04, 2025
45505: HTTP: NetAlertX Directory Traversal Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: High
- Description: This filter detects an attempt to exploit a directory traversal vulnerability in NetAlertX.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-48766
- Classification: Vulnerability - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: March 04, 2025
45506: ZDI-CAN-26026: Zero Day Initiative Vulnerability (Fuji Electric Smart Editor)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Fuji Electric Smart Editor.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: March 04, 2025
45507: ZDI-CAN-26028: Zero Day Initiative Vulnerability (Fuji Electric Smart Editor)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Fuji Electric Smart Editor.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: March 04, 2025
45508: ZDI-CAN-26032: Zero Day Initiative Vulnerability (Fuji Electric Smart Editor)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Fuji Electric Smart Editor.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: March 04, 2025
45510: HTTP: Cacti Group Cacti RRDTool CRLF Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a CRLF Injection vulnerability in Cacti Group Cacti.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2025-24367 CVSS 7.9
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: March 04, 2025
45511: HTTP: Centreon Web manageVMetric SQL Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a SQL injection vulnerability in Centreon Web.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-55573 CVSS 7.9
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: March 04, 2025
45512: HTTP: JBoss RichFaces Code Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a code injection vulnerability in JBoss RichFaces.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2018-12533 CVSS 9.8
- Classification: Vulnerability - Other
- Protocol: HTTP
- Platform: UNIX/Linux Server Application or Service
- Release Date: March 04, 2025
45513: HTTP: LB-Link AC1900 Multiple Parameter Command Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a command injection in LB-Link AC1900 router devices.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2025-1608 CVSS 5.3, CVE-2025-1609 CVSS 5.3
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Networked Hardware Device Application or Service
- Release Date: March 04, 2025
45514: HTTP: LB-Link AC1900 set_blacklist Command Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a command injection in LB-Link AC1900 router devices.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2025-1610 CVSS 5.3
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Networked Hardware Device Application or Service
- Release Date: March 04, 2025
45515: HTTP: Invoke AI Model Installation Request
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Security Policy
- Severity: Moderate
- Description: This filter detects an attempt to install a model from a URL in Invoke AI.
- Deployment: Not enabled by default in any deployment.
- References:
- Common Vulnerabilities and Exposures: CVE-2024-12029
- Classification: Security Policy - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: March 04, 2025
45526: ZDI-CAN-26168: Zero Day Initiative Vulnerability (Sante DICOM)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Sante DICOM.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: March 04, 2025
45527: RSYNC: rsync Checksum Parsing Heap Buffer Overflow Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a buffer overflow vulnerability in rsync.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-12084
- Classification: Vulnerability - Buffer/Heap Overflow
- Protocol: TCP (Generic)
- Platform: Multi-Platform Server Application or Service
- Release Date: March 04, 2025
45528: RSYNC: rsync s2length Specific Size Usage
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Security Policy
- Severity: Moderate
- Description: This filter detects an rsync transfer with an s2length of 9.
- Deployment: Not enabled by default in any deployment.
- References:
- Common Vulnerabilities and Exposures: CVE-2024-12085
- Classification: Security Policy - Other
- Protocol: TCP (Generic)
- Platform: Multi-Platform Server Application or Service
- Release Date: March 04, 2025
Modified Filters (logic changes):
* = Enabled in Default deployments
44290: HTTP: XWiki.org XWiki SolrSearchMacros text Command Injection Vulnerability (ZDI-24-1697)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: June 04, 2024
- Last Modified Date: March 04, 2025
44896: HTTP: mySCADA myPRO Command Injection Vulnerability (ZDI-25-088)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44896: ZDI-CAN-24784: Zero Day Initiative Vulnerability (mySCADA myPRO)".
- Severity changed from "High" to "Critical".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: October 15, 2024
- Last Modified Date: March 04, 2025
44897: HTTP: mySCADA myPRO Command Injection Vulnerability (ZDI-25-089)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "44897: ZDI-CAN-24785: Zero Day Initiative Vulnerability (mySCADA myPRO)".
- Severity changed from "High" to "Critical".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: October 15, 2024
- Last Modified Date: March 04, 2025
45172: HTTP: Ivanti Avalanche SecureFilter allowPassThrough Authentication Bypass Vulnerability(ZDI-25-042)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: December 24, 2024
- Last Modified Date: March 04, 2025
Modified Filters (metadata changes only):
* = Enabled in Default deployments
* 40627: HTTP: JNDI Injection in HTTP Request
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Description updated.
- Release Date: December 13, 2021
- Last Modified Date: March 04, 2025
* 44477: HTTP: Netis Router MW5360 Password Command Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Description updated.
- Vulnerability references updated.
- Release Date: July 09, 2024
- Last Modified Date: March 04, 2025
Removed Filters: None
|
Welcome to the future of Business Support! I'm Trend Companion, your
AI assistant ready to streamline your experience.
Log in for your personalized support!
Chat with Trend Companion for quick answers, or submit a case for
detailed troubleshooting.