New Filters:
45571: HTTP: Gogs DeleteRepoFile Internal File Deletion Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit an authentication bypass vulnerability in Gogs Gogs.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-39931 CVSS 8.9
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: April 01, 2025
45609: ZDI-CAN-25772: Zero Day Initiative Vulnerability (Samsung MagicINFO 9 Server)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Samsung MagicINFO 9 Server.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: April 01, 2025
45610: ZDI-CAN-25804: Zero Day Initiative Vulnerability (Samsung MagicINFO 9 Server)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Samsung MagicINFO 9 Server.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: April 01, 2025
45611: ZDI-CAN-25860: Zero Day Initiative Vulnerability (Samsung MagicINFO 9 Server)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Samsung MagicINFO 9 Server.
- Deployments:
- Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: April 01, 2025
45619: HTTP: Ivanti Endpoint Manager EFile Directory Traversal Vulnerability (ZDI-24-1501)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a directory traversal vulnerability in Ivanti Endpoint Manager.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-34787 CVSS 7.7
- Zero Day Initiative: ZDI-24-1501
- Classification: Vulnerability - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: April 01, 2025
45625: HTTP: VLLM Project vLLM Denial-of-Service Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a denial-of-service vulnerability in vLLM-project vLLM version 0.5.2.2.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-11040 CVSS 7.5
- Classification: Vulnerability - Denial of Service (Crash/Reboot)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: April 01, 2025
45626: ZDI-CAN-25044: Zero Day Initiative Vulnerability (INVT HMITool)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting INVT HMITool.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: April 01, 2025
45627: ZDI-CAN-25045: Zero Day Initiative Vulnerability (INVT HMITool)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting INVT HMITool.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: April 01, 2025
45628: ZDI-CAN-25047: Zero Day Initiative Vulnerability (INVT HMITool)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting INVT HMITool.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: April 01, 2025
45629: ZDI-CAN-25048: Zero Day Initiative Vulnerability (INVT HMITool)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting INVT HMITool.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: April 01, 2025
45630: ZDI-CAN-25550: Zero Day Initiative Vulnerability (INVT VT-Designer)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting INVT VT-Designer.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: April 01, 2025
45631: ZDI-CAN-25571: Zero Day Initiative Vulnerability (INVT VT-Designer)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting INVT VT-Designer.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: April 01, 2025
45632: ZDI-CAN-25722: Zero Day Initiative Vulnerability (INVT VT-Designer)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting INVT VT-Designer.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: April 01, 2025
45633: ZDI-CAN-25723: Zero Day Initiative Vulnerability (INVT VT-Designer)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting INVT VT-Designer.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: April 01, 2025
45634: ZDI-CAN-25724: Zero Day Initiative Vulnerability (INVT VT-Designer)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting INVT VT-Designer.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: April 01, 2025
45641: HTTP: Sitecore Multiple Products ThumbnailsAccessToken Insecure Deserialization Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: High
- Description: This filter detects an attempt to exploit an insecure deserialization vulnerability in Sitecore Experience Manager and Experience Platform.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2025-27218 CVSS 8.8
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: April 01, 2025
45642: HTTP: LibreOffice EmbeddedFontsHelper Directory Traversal Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a directory traversal vulnerability in LibreOffice.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-12425 CVSS 3.9
- Classification: Vulnerability - Other
- Protocol: HTTP
- Platform: Multi-Platform Client Application
- Release Date: April 01, 2025
45643: ZDI-CAN-18930: Zero Day Initiative Vulnerability (Tenda RX9 Pro)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting Tenda RX9 Pro.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: April 01, 2025
45646: HTTP: BEC Technologies Vulnerable Endpoint Access (ZDI-25-186)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Security Policy
- Severity: Moderate
- Description: This filter detects traffic to the tools_usermanage.asp endpoint.
- Deployment: Not enabled by default in any deployment.
- References:
- Common Vulnerabilities and Exposures: CVE-2025-2770
- Zero Day Initiative: ZDI-25-186
- Classification: Security Policy - Other
- Protocol: HTTP
- Platform: Networked Hardware Device Application or Service
- Release Date: April 01, 2025
45648: HTTP: LiteLLM Denial-of-Service Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a denial-of-service vulnerability in LiteLLM.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Evaluation (Permit / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-10188
- Classification: Vulnerability - Denial of Service (Crash/Reboot)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: April 01, 2025
45649: HTTP: Zyxel NAS326 Authentication Bypass Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit an authentication bypass vulnerability in Zyxel NAS326.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Evaluation (Permit / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2023-4473
- Classification: Vulnerability - Access Validation
- Protocol: HTTP
- Platform: Networked Hardware Device Application or Service
- Release Date: April 01, 2025
45650: HTTP: MLflow dbfs Path Traversal Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a path traversal vulnerability in MLflow.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-8859
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Other Server Application or Service
- Release Date: April 01, 2025
45659: HTTP: Zyxel NAS326 Command Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a command injection vulnerability in Zyxel NAS326.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Evaluation (Permit / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2023-4474
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Networked Hardware Device Application or Service
- Release Date: April 01, 2025
45660: HTTP: DrayTek Vigor Gateway Command Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a command injection vulnerability in DrayTek Vigor Gateway.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Evaluation (Permit / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-12987
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Networked Hardware Device Application or Service
- Release Date: April 01, 2025
45661: HTTP: OpenRapid RapidCMS Password Reset Detected
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Security Policy
- Severity: Moderate
- Description: This filter detects a password reset attempt in OpenRapid RapidCMS.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2023-4448 CVSS 9.8
- Classification: Security Policy - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: April 01, 2025
45662: HTTP: Tenda AC10U 15.03.06.49_multi_TDE01 Stack-Based Overflow Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a stack-based overflow vulnerability in Tenda AC10U 15.03.06.49_multi_TDE01.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-0927 CVSS 9.8
- Classification: Vulnerability - Buffer/Heap Overflow
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: April 01, 2025
45663: HTTP: GLPI Agent.php SQL Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a SQL injection vulnerability in GLPI.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Evaluation (Permit / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2025-24799
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: April 01, 2025
45664: HTTP: LibreNMS Device Config Stored Cross-Site Scripting Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a stored cross-site scripting vulnerability in LibreNMS.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2025-23200
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: April 01, 2025
45665: HTTP: Tenda AC10U 15.03.06.49_multi_TDE01 DhcpListClient Buffer Overflow Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a buffer overflow vulnerability in Tenda AC10U 15.03.06.49_multi_TDE01.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-0928
- Classification: Vulnerability - Buffer/Heap Overflow
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: April 01, 2025
45666: HTTP: Tenda AC10U 15.03.06.49_multi_TDE01 fromSetWirelessRepeat Buffer Overflow Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a buffer overflow vulnerability in Tenda AC10U 15.03.06.49_multi_TDE01.
- Deployments:
- Deployment: Security-Optimized (Block / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2024-0930
- Classification: Vulnerability - Buffer/Heap Overflow
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: April 01, 2025
45667: HTTP: D-Link DIR-823X set_prohibiting Command Injection Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a command injection vulnerability in D-Link DIR-823X series routers.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Evaluation (Permit / Notify)
- Deployment: Performance-Optimized (Disabled)
- References:
- Common Vulnerabilities and Exposures: CVE-2025-29635
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: April 01, 2025
45668: HTTP: Matrix Synapse Homeserver Implementation Federation Denial-of-Service Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: High
- Description: This filter detects an attempt to exploit a denial-of-service vulnerability in Matrix Synapse Homeserver.
- Deployments:
- Deployment: Default (Block / Notify)
- Deployment: Evaluation (Permit / Notify)
- References:
- Common Vulnerabilities and Exposures: CVE-2025-30355 CVSS 7.1
- Classification: Vulnerability - Denial of Service (Crash/Reboot)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: April 01, 2025
Modified Filters (logic changes):
* = Enabled in Default deployments
44388: HTTP: Ivanti Endpoint Manager EFile Directory Traversal Vulnerability (ZDI-24-1501)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: June 18, 2024
- Last Modified Date: April 01, 2025
44622: HTTP: Microsoft SharePoint Server Suspicious BDC Model Detected
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: August 13, 2024
- Last Modified Date: April 01, 2025
45246: HTTP: WSO2 API Manager SynapseArtifactUploaderAdmin File Upload Vulnerability (ZDI-24-1741)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: December 31, 2024
- Last Modified Date: April 01, 2025
* 45608: HTTP: Apache Camel CamelExecCommandExecutable Code Execution Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: March 25, 2025
- Last Modified Date: April 01, 2025
Modified Filters (metadata changes only): None
Removed Filters: None
|
Views: 18
Keywords: Digital Vaccine #10005