New Filters:
45761: HTTP: Suspicious Siemens SINEC NMS 7Z File Upload Detected (ZDI-25-576)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Security Policy
- Severity: Moderate
- Description: This filter detects a suspicious 7z file upload in Siemens SINEC NMS.
- Deployment: Not enabled by default in any deployment.
- References:
  - Common Vulnerabilities and Exposures: CVE-2025-40738 CVSS 8.8
  - Zero Day Initiative: ZDI-25-576
- Classification: Security Policy - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: August 05, 2025
46240: HTTP: PaperCut NG and MF Cross-Site Request Forgery Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Exploits
- Severity: Critical
- Description: This filter detects an attempt to exploit a cross-site request forgery vulnerability in PaperCut NG and MF.
- Deployments:
  - Deployment: Default (Block / Notify)
  - Deployment: Evaluation (Permit / Notify)
- References:
  - Common Vulnerabilities and Exposures: CVE-2023-2533
- Classification: Vulnerability - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: August 05, 2025
46241: ZDI-CAN-27351: Zero Day Initiative Vulnerability (Fuji Electric Monitouch V-SFT)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Fuji Electric Monitouch V-SFT.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: August 05, 2025
46242: HTTP: Suspicious Samsung MagicINFO 9 Server Users Signup Detected (ZDI-25-668)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Security Policy
- Severity: Moderate
- Description: This filter detects a suspicious users signup request in Samsung MagicINFO 9 Server.
- Deployment: Not enabled by default in any deployment.
- References:
  - Common Vulnerabilities and Exposures: CVE-2025-54452 CVSS 7.3
  - Zero Day Initiative: ZDI-25-668
- Classification: Security Policy - Other
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: August 05, 2025
46243: ZDI-CAN-27527: Zero Day Initiative Vulnerability (Fuji Electric Monitouch V-SFT)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Fuji Electric Monitouch V-SFT.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: August 05, 2025
46244: ZDI-CAN-27679: Zero Day Initiative Vulnerability (OceanBase Agent)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter protects against the exploitation of a zero-day vulnerability affecting OceanBase Agent.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: August 05, 2025
46245: ZDI-CAN-27399: Zero Day Initiative Vulnerability (Fuji Electric Monitouch V-SFT)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Fuji Electric Monitouch V-SFT.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: August 05, 2025
46246: ZDI-CAN-27436: Zero Day Initiative Vulnerability (Fuji Electric Monitouch V-SFT)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Fuji Electric Monitouch V-SFT.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: August 05, 2025
46247: ZDI-CAN-27438: Zero Day Initiative Vulnerability (Fuji Electric Monitouch V-SFT)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Fuji Electric Monitouch V-SFT.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: August 05, 2025
46248: ZDI-CAN-27360: Zero Day Initiative Vulnerability (Fuji Electric Monitouch V-SFT)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Fuji Electric Monitouch V-SFT.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: August 05, 2025
46249: ZDI-CAN-27440: Zero Day Initiative Vulnerability (Fuji Electric Monitouch V-SFT)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: Not available.
- Requires: IPS N-Platform, NX-Platform, or TPS models.
- Category: Exploits
- Severity: Critical
- Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Fuji Electric Monitouch V-SFT.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify / Trace)
- Classification: Vulnerability - Other
- Protocol: Other Protocol
- Platform: Other Server Application or Service
- Release Date: August 05, 2025
46255: HTTP: Splunk Enterprise pdfgen_endpoint.py Cross-Site Scripting Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a cross-site scripting vulnerability in Splunk Enterprise.
- Deployments:
  - Deployment: Default (Block / Notify)
  - Deployment: Evaluation (Permit / Notify)
- References:
  - Common Vulnerabilities and Exposures: CVE-2025-20297
- Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
- Protocol: HTTP
- Platform: Multi-Platform Server Application or Service
- Release Date: August 05, 2025
Modified Filters (logic changes):
* = Enabled in Default deployments
13136: HTTP: HP LoadRunner Buffer Overflow Vulnerability (ZDI-13-208)
- IPS Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
- Release Date: August 29, 2013
- Last Modified Date: August 05, 2025
32255: HTTP: Microsoft JET Database Engine Buffer Overflow Vulnerability (ZDI-18-1050)
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
- Release Date: June 26, 2018
- Last Modified Date: August 05, 2025
33431: HTTP: Microsoft Outlook RWZ Integer Overflow Vulnerability
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
- Release Date: November 13, 2018
- Last Modified Date: August 05, 2025
* 36811: HTTP: Microsoft Windows Imaging API Use-After-Free Vulnerability
- IPS Version: 3.6.2 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.
- Release Date: December 17, 2019
- Last Modified Date: August 05, 2025
45502: HTTP: Delta Electronics DTM Soft BIN File Parsing Deserialization Vulnerability (ZDI-25-591)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "45502: ZDI-CAN-26161: Zero Day Initiative Vulnerability (Delta Electronics DTM Soft)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: March 04, 2025
- Last Modified Date: August 05, 2025
45578: HTTP: Samsung MagicINFO 9 Server FtpMetaUploadServlet Directory Traversal Vulnerability (ZDI-25-669)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "45578: ZDI-CAN-25802: Zero Day Initiative Vulnerability (Samsung MagicINFO 9 Server)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: March 18, 2025
- Last Modified Date: August 05, 2025
45579: HTTP: Samsung MagicINFO 9 DeviceLogUploadServlet Directory Traversal Vulnerability (ZDI-25-666)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "45579: ZDI-CAN-26057: Zero Day Initiative Vulnerability (Samsung MagicINFO 9 Server)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: March 18, 2025
- Last Modified Date: August 05, 2025
45580: HTTP: Samsung MagicINFO 9 fillLftOrLfdInfo Unrestricted File Upload Vulnerability (ZDI-25-664,665)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "45580: ZDI-CAN-25873,26874: Zero Day Initiative Vulnerability (Samsung MagicINFO 9 Server)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: March 18, 2025
- Last Modified Date: August 05, 2025
45584: HTTP: Samsung MagicINFO 9 OpenApiController Unrestricted File Upload Vulnerability (ZDI-25-663)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "45584: ZDI-CAN-25885: Zero Day Initiative Vulnerability (Samsung MagicINFO 9 Server)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: March 18, 2025
- Last Modified Date: August 05, 2025
45585: HTTP: Samsung MagicINFO 9 ResponseUploadActivity Directory Traversal Vulnerability (ZDI-25-662)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "45585: ZDI-CAN-25955: Zero Day Initiative Vulnerability (Samsung MagicINFO 9 Server)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: March 18, 2025
- Last Modified Date: August 05, 2025
45609: HTTP: Samsung MagicINFO 9 SWUpdateFileUploadServlet Directory Traversal Vulnerability (ZDI-25-659)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "45609: ZDI-CAN-25772: Zero Day Initiative Vulnerability (Samsung MagicINFO 9 Server)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: April 01, 2025
- Last Modified Date: August 05, 2025
45610: HTTP: Samsung MagicINFO filenameHasExecutableType Unrestricted File Upload Vulnerability(ZDI-25-660)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "45610: ZDI-CAN-25804: Zero Day Initiative Vulnerability (Samsung MagicINFO 9 Server)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: April 01, 2025
- Last Modified Date: August 05, 2025
45611: HTTP: Samsung MagicINFO 9 parseXMLString XML External Entity Processing Vulnerability (ZDI-25-661)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "45611: ZDI-CAN-25860: Zero Day Initiative Vulnerability (Samsung MagicINFO 9 Server)".
- Severity changed from "Critical" to "High".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: April 01, 2025
- Last Modified Date: August 05, 2025
45678: HTTP: Samsung MagicINFO 9 Server Unrestricted File Upload Vulnerability (ZDI-25-658)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "45678: ZDI-CAN-25807: Zero Day Initiative Vulnerability (Samsung MagicINFO 9 Server)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: April 08, 2025
- Last Modified Date: August 05, 2025
45679: HTTP: Samsung MagicINFO 9 getZipFileListForImport Unrestricted File Upload Vulnerability(ZDI-25-656)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "45679: ZDI-CAN-25809: Zero Day Initiative Vulnerability (Samsung MagicINFO 9 Server)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: April 08, 2025
- Last Modified Date: August 05, 2025
45680: HTTP: Samsung MagicINFO MagicInfoWebAuthorClient Unrestricted File Upload Vulnerability (ZDI-25-657)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "45680: ZDI-CAN-26519: Zero Day Initiative Vulnerability (Samsung MagicINFO 9 Server)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: April 08, 2025
- Last Modified Date: August 05, 2025
45760: HTTP: Siemens SINEC NMS unZipJarFilestoLocation Directory Traversal Vulnerability (ZDI-25-575)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "45760: ZDI-CAN-26571: Zero Day Initiative Vulnerability (Siemens SINEC NMS)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: April 29, 2025
- Last Modified Date: August 05, 2025
45847: HTTP: Samsung MagicINFO 9 Server downloadChangedFiles Directory Traversal Vulnerability (ZDI-25-655)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "45847: ZDI-CAN-26520: Zero Day Initiative Vulnerability (Samsung MagicINFO 9 Server)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: May 13, 2025
- Last Modified Date: August 05, 2025
* 45906: HTTP: Microsoft SharePoint DataSetSurrogate Insecure Deserialization Vulnerability (ZDI-25-581,653)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "45906: HTTP: Microsoft SharePoint DataSetSurrogate Insecure Deserialization Vulnerability (ZDI-25-581)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Release Date: May 20, 2025
- Last Modified Date: August 05, 2025
* 46121: HTTP: Citrix NetScaler ADC and NetScaler Gateway Memory Leak Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Detection logic updated.
- Release Date: July 08, 2025
- Last Modified Date: August 05, 2025
Modified Filters (metadata changes only):
* = Enabled in Default deployments
24705: TCP: ysoserial Java Deserialization Tool Usage (ZDI-17-953)
- IPS Version: 3.1.3 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Vulnerability references updated.
- Release Date: July 05, 2016
- Last Modified Date: August 05, 2025
* 44499: HTTP: Adobe Commerce and Magento XML External Entity Vulnerability
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Description updated.
- Vulnerability references updated.
- Release Date: July 16, 2024
- Last Modified Date: August 05, 2025
* 45072: HTTP: Trend Micro Encryption PolicyServerWindowsService Deserialization Vulnerability (ZDI-25-370)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "45072: HTTP: Trend Micro Encryption PolicyServerWindowsService Deserialization Vulnerability(ZDI-25-370)".
- Release Date: November 19, 2024
- Last Modified Date: August 05, 2025
* 45073: HTTP: Trend Micro Encryption PolicyValueTableSerializationBinder Vulnerability (ZDI-25-369)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "45073: HTTP: Trend Micro Encryption PolicyValueTableSerializationBinder Vulnerability(ZDI-25-369)".
- Release Date: December 03, 2024
- Last Modified Date: August 05, 2025
* 45905: HTTP: Microsoft SharePoint ToolPane Authentication Bypass Vulnerability (Pwn2Own ZDI-25-580,652)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "45905: HTTP: Microsoft SharePoint ToolPane Authentication Bypass Vulnerability (Pwn2Own ZDI-25-580)".
- Description updated.
- Vulnerability references updated.
- Release Date: May 20, 2025
- Last Modified Date: August 05, 2025
46059: HTTP: Autodesk Revit RFA File Parsing Out-Of-Bounds Read Vulnerability (ZDI-25-645)
- IPS Version: 3.9.5 and after.
- TPS Version: 5.2.2 and after.
- vTPS Version: 5.2.2 and after.
- Name changed from "46059: ZDI-CAN-27254: Zero Day Initiative Vulnerability (Autodesk AutoCAD)".
- Description updated.
- Vulnerability references updated.
- Release Date: June 17, 2025
- Last Modified Date: August 05, 2025
Removed Filters:
7801: Hypertext Transfer Protocol (HTTP)
- IPS Version: Not available.
- TPS Version: 4.0.0 and after in NGFW Persona mode.
- vTPS Version: 4.0.1 and after in NGFW Persona mode.
- Release Date: December 31, 2005
- Last Modified Date: December 05, 2017
7802: Telnet
- IPS Version: Not available.
- TPS Version: 4.0.0 and after in NGFW Persona mode.
- vTPS Version: 4.0.1 and after in NGFW Persona mode.
- Release Date: December 31, 2005
- Last Modified Date: December 05, 2017
7803: Domain Name System (DNS)
- IPS Version: Not available.
- TPS Version: 4.0.0 and after in NGFW Persona mode.
- vTPS Version: 4.0.1 and after in NGFW Persona mode.
- Release Date: December 31, 2005
- Last Modified Date: December 05, 2017
7804: File Transfer Protocol (FTP)
- IPS Version: Not available.
- TPS Version: 4.0.0 and after in NGFW Persona mode.
- vTPS Version: 4.0.1 and after in NGFW Persona mode.
- Release Date: December 31, 2005
- Last Modified Date: December 05, 2017
7805: Simple Network Management Protocol (SNMP)
- IPS Version: Not available.
- TPS Version: 4.0.0 and after in NGFW Persona mode.
- vTPS Version: 4.0.1 and after in NGFW Persona mode.
- Release Date: December 31, 2005
- Last Modified Date: December 05, 2017
7806: Server Message Block (SMB)
- IPS Version: Not available.
- TPS Version: 4.0.0 and after in NGFW Persona mode.
- vTPS Version: 4.0.1 and after in NGFW Persona mode.
- Release Date: December 31, 2005
- Last Modified Date: December 05, 2017
7807: Open Network Computing Remote Procedure Call (ONC-RPC)
- IPS Version: Not available.
- TPS Version: 4.0.0 and after in NGFW Persona mode.
- vTPS Version: 4.0.1 and after in NGFW Persona mode.
- Release Date: December 31, 2005
- Last Modified Date: December 05, 2017
7808: Microsoft Remote Procedure Call (MS-RPC)
- IPS Version: Not available.
- TPS Version: 4.0.0 and after in NGFW Persona mode.
- vTPS Version: 4.0.1 and after in NGFW Persona mode.
- Release Date: December 31, 2005
- Last Modified Date: December 05, 2017
7809: Virtual Network Computing (VNC) (ATT&CK T1133,T1219)
- IPS Version: Not available.
- TPS Version: 4.0.0 and after in NGFW Persona mode.
- vTPS Version: 4.0.1 and after in NGFW Persona mode.
- Release Date: December 31, 2005
- Last Modified Date: February 18, 2020
7810: Simple Mail Transfer Protocol (SMTP)
- IPS Version: Not available.
- TPS Version: 4.0.0 and after in NGFW Persona mode.
- vTPS Version: 4.0.1 and after in NGFW Persona mode.
- Release Date: December 31, 2005
- Last Modified Date: December 05, 2017
7811: Internet Message Access Protocol (IMAP)
- IPS Version: Not available.
- TPS Version: 4.0.0 and after in NGFW Persona mode.
- vTPS Version: 4.0.1 and after in NGFW Persona mode.
- Release Date: December 31, 2005
- Last Modified Date: December 05, 2017