New Filters:

45549: HTTP: WordPress Import Export Plugin Download Export Data
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Category: Security Policy
  - Severity: High
  - Description: This filter detects an attempt to export data in the Import Export WordPress plugin.
  - Deployment: Not enabled by default in any deployment.
  - References:
    - Common Vulnerabilities and Exposures: CVE-2022-0236
  - Classification: Security Policy - Other
  - Protocol: HTTP
  - Platform: Multi-Platform Server Application or Service
  - Release Date: March 18, 2025

45566: HTTP: Progress Kemp LoadMaster logging Command Injection Vulnerability
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Category: Vulnerabilities
  - Severity: Critical
  - Description: This filter detects an attempt to exploit a command injection vulnerability in Progress Kemp LoadMaster.
  - Deployments:
    - Deployment: Security-Optimized (Block / Notify)
  - References:
    - Common Vulnerabilities and Exposures: CVE-2024-56131 CVSS 7.3
  - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
  - Protocol: HTTP
  - Platform: Multi-Platform Server Application or Service
  - Release Date: March 18, 2025

45567: ZDI-CAN-26502: Zero Day Initiative Vulnerability (Webmin Webmin)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: Not available.
  - Requires: IPS N-Platform, NX-Platform, or TPS models.
  - Category: Vulnerabilities
  - Severity: Critical
  - Description: This filter protects against exploitation of a zero-day vulnerability affecting Webmin Webmin.
  - Deployments:
    - Deployment: Default (Block / Notify / Trace)
    - Deployment: Evaluation (Permit / Notify / Trace)
  - Classification: Vulnerability - Other
  - Protocol: Other Protocol
  - Platform: Other Server Application or Service
  - Release Date: March 18, 2025

45568: SMTP: Exim ETRN SQL Injection Vulnerability
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Category: Vulnerabilities
  - Severity: Critical
  - Description: This filter detects an attempt to exploit a SQL injection vulnerability in Exim.
  - Deployments:
    - Deployment: Security-Optimized (Block / Notify)
  - References:
    - Common Vulnerabilities and Exposures: CVE-2025-26794 CVSS 6.7
  - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
  - Protocol: SMTP
  - Platform: Multi-Platform Server Application or Service
  - Release Date: March 18, 2025

45569: ZDI-CAN-26478: Zero Day Initiative Vulnerability (Delta Electronics DIAView)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: Not available.
  - Requires: IPS N-Platform, NX-Platform, or TPS models.
  - Category: Vulnerabilities
  - Severity: Critical
  - Description: This filter protects against the exploitation of a zero-day vulnerability affecting Delta Electronics DIAView.
  - Deployments:
    - Deployment: Default (Block / Notify / Trace)
    - Deployment: Evaluation (Permit / Notify / Trace)
  - Classification: Vulnerability - Other
  - Protocol: Other Protocol
  - Platform: Other Server Application or Service
  - Release Date: March 18, 2025

45570: ZDI-CAN-26477: Zero Day Initiative Vulnerability (Delta Electronics DIAView)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: Not available.
  - Requires: IPS N-Platform, NX-Platform, or TPS models.
  - Category: Vulnerabilities
  - Severity: Critical
  - Description: This filter protects against the exploitation of a zero-day vulnerability affecting Delta Electronics DIAView.
  - Deployments:
    - Deployment: Default (Block / Notify / Trace)
    - Deployment: Evaluation (Permit / Notify / Trace)
  - Classification: Vulnerability - Other
  - Protocol: Other Protocol
  - Platform: Other Server Application or Service
  - Release Date: March 18, 2025

45572: HTTP: Ivanti Endpoint Manager Exposed API Wildcard Usage
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Category: Security Policy
  - Severity: Moderate
  - Description: This filter detects an attempt to access a potentially dangerous functionality while targeting an exposed API within Ivanti Endpoint Manager.
  - Deployment: Not enabled by default in any deployment.
  - References:
    - Common Vulnerabilities and Exposures: CVE-2024-13159 CVSS 9.8
  - Classification: Vulnerability - Other
  - Protocol: HTTP
  - Platform: Multi-Platform Server Application or Service
  - Release Date: March 18, 2025

45574: ZDI-CAN-26350: Zero Day Initiative Vulnerability (Phoenix Contact CHARX SEC-3150)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: Not available.
  - Requires: IPS N-Platform, NX-Platform, or TPS models.
  - Category: Vulnerabilities
  - Severity: Critical
  - Description: This filter protects against the exploitation of a zero-day vulnerability affecting Phoenix Contact CHARX SEC-3150.
  - Deployments:
    - Deployment: Security-Optimized (Block / Notify / Trace)
  - Classification: Vulnerability - Other
  - Protocol: Other Protocol
  - Platform: Other Server Application or Service
  - Release Date: March 18, 2025

45575: ZDI-CAN-26346: Zero Day Initiative Vulnerability (Phoenix Contact CHARX SEC-3150)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: Not available.
  - Requires: IPS N-Platform, NX-Platform, or TPS models.
  - Category: Vulnerabilities
  - Severity: Critical
  - Description: This filter protects against the exploitation of a zero-day vulnerability affecting Phoenix Contact CHARX SEC-3150.
  - Deployments:
    - Deployment: Security-Optimized (Block / Notify / Trace)
  - Classification: Vulnerability - Other
  - Protocol: Other Protocol
  - Platform: Other Server Application or Service
  - Release Date: March 18, 2025

45577: HTTP: Dynamic Linq Command Injection Vulnerability
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Category: Exploits
  - Severity: Critical
  - Description: This filter detects an attempt to exploit a command injection vulnerability in Dynamic Linq.
  - Deployments:
    - Deployment: Security-Optimized (Block / Notify)
  - References:
    - Common Vulnerabilities and Exposures: CVE-2023-32571
  - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
  - Protocol: HTTP
  - Platform: Multi-Platform Server Application or Service
  - Release Date: March 18, 2025

45578: ZDI-CAN-25802: Zero Day Initiative Vulnerability (Samsung MagicINFO 9 Server)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: Not available.
  - Requires: IPS N-Platform, NX-Platform, or TPS models.
  - Category: Vulnerabilities
  - Severity: Critical
  - Description: This filter protects against the exploitation of a zero-day vulnerability affecting Samsung MagicINFO 9 Server.
  - Deployments:
    - Deployment: Security-Optimized (Block / Notify / Trace)
  - Classification: Vulnerability - Other
  - Protocol: Other Protocol
  - Platform: Other Server Application or Service
  - Release Date: March 18, 2025

45579: ZDI-CAN-26057: Zero Day Initiative Vulnerability (Samsung MagicINFO 9 Server)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: Not available.
  - Requires: IPS N-Platform, NX-Platform, or TPS models.
  - Category: Vulnerabilities
  - Severity: Critical
  - Description: This filter protects against the exploitation of a zero-day vulnerability affecting Samsung MagicINFO 9 Server.
  - Deployments:
    - Deployment: Security-Optimized (Block / Notify / Trace)
  - Classification: Vulnerability - Other
  - Protocol: Other Protocol
  - Platform: Other Server Application or Service
  - Release Date: March 18, 2025

45580: ZDI-CAN-25873,26874: Zero Day Initiative Vulnerability (Samsung MagicINFO 9 Server)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: Not available.
  - Requires: IPS N-Platform, NX-Platform, or TPS models.
  - Category: Vulnerabilities
  - Severity: Critical
  - Description: This filter protects against the exploitation of a zero-day vulnerability affecting Samsung MagicINFO 9 Server.
  - Deployments:
    - Deployment: Security-Optimized (Block / Notify / Trace)
  - Classification: Vulnerability - Other
  - Protocol: Other Protocol
  - Platform: Other Server Application or Service
  - Release Date: March 18, 2025

45581: HTTP: Nagios XI banner_message-ajaxhelper.php SQL Injection Vulnerability
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Category: Vulnerabilities
  - Severity: Critical
  - Description: This filter detects an attempt to exploit a SQL injection vulnerability in Nagios XI.
  - Deployments:
    - Deployment: Security-Optimized (Block / Notify)
  - References:
    - Common Vulnerabilities and Exposures: CVE-2023-48084
  - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
  - Protocol: HTTP
  - Platform: Multi-Platform Server Application or Service
  - Release Date: March 18, 2025

45584: ZDI-CAN-25885: Zero Day Initiative Vulnerability (Samsung MagicINFO 9 Server)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: Not available.
  - Requires: IPS N-Platform, NX-Platform, or TPS models.
  - Category: Vulnerabilities
  - Severity: Critical
  - Description: This filter protects against the exploitation of a zero-day vulnerability affecting Samsung MagicINFO 9 Server.
  - Deployments:
    - Deployment: Security-Optimized (Block / Notify / Trace)
  - Classification: Vulnerability - Other
  - Protocol: Other Protocol
  - Platform: Other Server Application or Service
  - Release Date: March 18, 2025

45585: ZDI-CAN-25955: Zero Day Initiative Vulnerability (Samsung MagicINFO 9 Server)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: Not available.
  - Requires: IPS N-Platform, NX-Platform, or TPS models.
  - Category: Vulnerabilities
  - Severity: Critical
  - Description: This filter protects against the exploitation of a zero-day vulnerability affecting Samsung MagicINFO 9 Server.
  - Deployments:
    - Deployment: Security-Optimized (Block / Notify / Trace)
  - Classification: Vulnerability - Other
  - Protocol: Other Protocol
  - Platform: Other Server Application or Service
  - Release Date: March 18, 2025

Modified Filters (logic changes):
* = Enabled in Default deployments

17069: TLS: Microsoft SChannel CertificateVerify Buffer Overflow Vulnerability
  - IPS Version: 3.2.2 and after.
  - TPS Version: 4.0.0 and after.
  - vTPS Version: 4.0.1 and after.
  - Description updated.
  - Detection logic updated.
  - Vulnerability references updated.
  - Release Date: December 16, 2014
  - Last Modified Date: March 18, 2025

44889: HTTP: HPE Insight Remote Support getDocumentRootElement XML External Entity Processing (ZDI-24-1637)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Detection logic updated.
  - Vulnerability references updated.
  - Release Date: October 15, 2024
  - Last Modified Date: March 18, 2025

44890: HTTP: HPE Insight Remote Support validateAgainstXSD XML External Entity Processing (ZDI-24-1638)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Detection logic updated.
  - Vulnerability references updated.
  - Release Date: October 15, 2024
  - Last Modified Date: March 18, 2025

44891: HTTP: HPE Insight Remote Support processAtatchmentDataStream Directory Traversal (ZDI-24-1639)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Detection logic updated.
  - Vulnerability references updated.
  - Release Date: October 15, 2024
  - Last Modified Date: March 18, 2025

45370: HTTP: Squid Proxy ESI Response Processing nullpointer Denial-of-Service Vulnerability
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Detection logic updated.
  - Vulnerability references updated.
  - Release Date: February 04, 2025
  - Last Modified Date: March 18, 2025

Modified Filters (metadata changes only):
* = Enabled in Default deployments

* 44382: HTTP: Ivanti Endpoint Manager SQL Injection (ZDI-24-1213,1215,1217,1218,1219,1221,ZDI-25-041)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: 5.2.2 and after.
  - Vulnerability references updated.
  - Release Date: June 18, 2024
  - Last Modified Date: March 18, 2025

45531: ZDI-CAN-26020: Zero Day Initiative Vulnerability (Fuji Electric Smart Editor)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: Not available.
  - Requires: IPS N-Platform, NX-Platform, or TPS models.
  - Name changed from "45531: ZDI-CAN-26020 Zero Day Initiative Vulnerability (Fuji Electric Smart Editor)".
  - Release Date: March 11, 2025
  - Last Modified Date: March 18, 2025

45532: ZDI-CAN-26022: Zero Day Initiative Vulnerability (Fuji Electric Smart Editor)
  - IPS Version: 3.9.5 and after.
  - TPS Version: 5.2.2 and after.
  - vTPS Version: Not available.
  - Requires: IPS N-Platform, NX-Platform, or TPS models.
  - Name changed from "45532: ZDI-CAN-26022 Zero Day Initiative Vulnerability (Fuji Electric Smart Editor)".
  - Release Date: March 11, 2025
  - Last Modified Date: March 18, 2025

Removed Filters: None