Views:

Thank you for subscribing to Digital Vaccine updates brought to you by Trend Micro™ TippingPoint DVLabs. New content is now available at the Threat Management Center (TMC).

System Requirements

The 3.2.0 DV is supported on devices running TOS 5.x and earlier.
The 4.0.0 DV is supported on devices running TOS 6.x or higher, as well as vTPS. Please note that vTPS does not currently support pre-disclosed ZDI filters.

The Digital Vaccine can be manually downloaded from the following URLs:

Table of Contents
--------------------------
  New Filters - 13
  Modified Filters (logic changes) - 2
  Modified Filters (metadata changes only) - 5
  Removed Filters - 0

  New Filters:

    46510: HTTP: Apache HTTP Server Directory Traversal Vulnerability (CVE-2021-42013)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a directory traversal vulnerability in Apache HTTP Server.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Evaluation (Permit / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2021-42013 CVSS 9.8
      - Classification: Vulnerability - Access Validation
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: November 04, 2025

    46583: ZDI-CAN-27994: Zero Day Initiative Vulnerability (Bosch Rexroth IndraWorks)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: Not available.
      - Requires: IPS N-Platform, NX-Platform, or TPS models.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter protects against exploitation of a zero-day vulnerability affecting Bosch Rexroth IndraWorks.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: November 04, 2025

    46586: ZDI-CAN-27785: Zero Day Initiative Vulnerability (claude-hovercraft)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: Not available.
      - Requires: IPS N-Platform, NX-Platform, or TPS models.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter protects against exploitation of a zero-day vulnerability affecting claude-hovercraft.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: November 04, 2025

    46589: ZDI-CAN-27877: Zero Day Initiative Vulnerability (Framelink Figma MCP Server)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: Not available.
      - Requires: IPS N-Platform, NX-Platform, or TPS models.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter protects against exploitation of a zero-day vulnerability affecting Framelink Figma MCP Server.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: November 04, 2025

    46594: ZDI-CAN-28257: Zero Day Initiative Vulnerability (Open WebUI)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: Not available.
      - Requires: IPS N-Platform, NX-Platform, or TPS models.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter protects against exploitation of a zero-day vulnerability affecting Open WebUI.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: November 04, 2025

    46595: HTTP: Apache Solr Insecure Endpoint Detected
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Security Policy
      - Severity: Moderate
      - Description: This filter detects an attempt to connect to an insecure endpoint in Apache Solr.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Common Vulnerabilities and Exposures: CVE-2023-50291
      - Classification: Security Policy - Other
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: November 04, 2025

    46596: HTTP: Microsoft Windows LNK File _VerifyPathThreadProc NTLM Relay Input Validation Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: High
      - Description: This filter detects an attempt to exploit an information disclosure vulnerability in Microsoft Windows.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2025-59185
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Windows Server Application or Service
      - Release Date: November 04, 2025

    46599: HTTP: Red Hat Openshift AI Potential Fingerprinting Attempt
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Security Policy
      - Severity: Low
      - Description: This filter detects potential fingerprinting activity in Openshift AI.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Common Vulnerabilities and Exposures: CVE-2025-10725
      - Classification: Security Policy - Other
      - Protocol: HTTP
      - Platform: Multi-Platform Client Application
      - Release Date: November 04, 2025

    46600: HTTP: Netgate pfSense Suricata FlowStream policy_name Stored Cross-Site Scripting Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a stored cross-site scripting vulnerability in Netgate pfSense.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Evaluation (Permit / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2025-34177 CVSS 5.8
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: November 04, 2025

    46601: HTTP: Apache ActiveMQ Jolokia Authenticated Arbitrary Code Execution Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: High
      - Description: This filter detects an attempt to exploit an authenticated arbitrary code execution vulnerability in Apache ActiveMQ Jolokia.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Evaluation (Permit / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2022-41678 CVSS 8.8
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: November 04, 2025

    46613: HTTP: Zabbix visiblename Web Controller SQL Injection Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a SQL Injection vulnerability in Zabbix.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2025-27240 CVSS 6.3
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: November 04, 2025

    46614: HTTP: Zabbix visiblename SQL Injection Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a SQL Injection vulnerability in Zabbix.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2025-27240 CVSS 6.3
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: November 04, 2025

    46615: HTTP: Microsoft Windows library-ms NTLM Relay Input Validation Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: High
      - Description: This filter detects an attempt to exploit an information disclosure vulnerability in Microsoft Windows.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Evaluation (Permit / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2025-59244
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Windows Server Application or Service
      - Release Date: November 04, 2025
   


  Modified Filters (logic changes):
    * = Enabled in Default deployments

    20005: HTTP: D-Link Multiple Devices HNAP Command Injection Vulnerability
      - IPS Version: 3.1.3 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Detection logic updated.
      - Release Date: June 30, 2015
      - Last Modified Date: November 04, 2025

    * 45567: HTTP: Webmin CGI Request Handling CRLF Injection Vulnerability (ZDI-25-282)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "45567: HTTP: Webmin CRLF Injection Vulnerability (ZDI-25-282)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: March 18, 2025
      - Last Modified Date: November 04, 2025



  Modified Filters (metadata changes only):
    * = Enabled in Default deployments

    4560: HTTP: HTTP Request Smuggling
      - IPS Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Vulnerability references updated.
      - Release Date: July 24, 2006
      - Last Modified Date: November 04, 2025

    13855: TCP: XML External Entity (XXE) Usage
      - IPS Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Description updated.
      - Vulnerability references updated.
      - Release Date: April 28, 2014
      - Last Modified Date: November 04, 2025

    35498: TCP: YSoSerial.Net Deserialization Tool Usage
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Vulnerability references updated.
      - Release Date: June 18, 2019
      - Last Modified Date: November 04, 2025

    43190: HTTP: D-Link DIR820LA1_FW105B03 Command Injection Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Miscellaneous modification.
      - Release Date: September 05, 2023
      - Last Modified Date: November 04, 2025

    * 44385: HTTP: Ivanti Endpoint Manager DBDR SQL Injection Vulnerability(ZDI-24-1498,1499,1500,25-937,943,944)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Description updated.
      - Vulnerability references updated.
      - Release Date: June 18, 2024
      - Last Modified Date: November 04, 2025


  Removed Filters: None

Keywords: TippingPoint, Digital Vaccine, Trend Micro, DVLabs, Threat Management Center, TOS 5.x, TOS 6.x, vTPS, security filters, cybersecurity updates, malware protection, network security, new filters, modified filters, threat intelligence

Digital Vaccine #10081

Product / Version includes:

TippingPoint Digital Vaccine All

Last updated: 2025/11/05

Solution ID: KA-0021544

Category: Configure , Troubleshoot , Install

Summary

Digital Vaccine #10081 November 04, 2025

Thank you for subscribing to Digital Vaccine updates brought to you by Trend Micro™ TippingPoint DVLabs. New content is now available at the Threat Management Center (TMC).

System Requirements

The Digital Vaccine can be manually downloaded from the following URLs:

Table of Contents
--------------------------
  New Filters - 13
  Modified Filters (logic changes) - 2
  Modified Filters (metadata changes only) - 5
  Removed Filters - 0

  New Filters:

    46510: HTTP: Apache HTTP Server Directory Traversal Vulnerability (CVE-2021-42013)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a directory traversal vulnerability in Apache HTTP Server.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Evaluation (Permit / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2021-42013 CVSS 9.8
      - Classification: Vulnerability - Access Validation
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: November 04, 2025

    46583: ZDI-CAN-27994: Zero Day Initiative Vulnerability (Bosch Rexroth IndraWorks)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: Not available.
      - Requires: IPS N-Platform, NX-Platform, or TPS models.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter protects against exploitation of a zero-day vulnerability affecting Bosch Rexroth IndraWorks.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: November 04, 2025

    46586: ZDI-CAN-27785: Zero Day Initiative Vulnerability (claude-hovercraft)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: Not available.
      - Requires: IPS N-Platform, NX-Platform, or TPS models.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter protects against exploitation of a zero-day vulnerability affecting claude-hovercraft.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: November 04, 2025

    46589: ZDI-CAN-27877: Zero Day Initiative Vulnerability (Framelink Figma MCP Server)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: Not available.
      - Requires: IPS N-Platform, NX-Platform, or TPS models.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter protects against exploitation of a zero-day vulnerability affecting Framelink Figma MCP Server.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: November 04, 2025

    46594: ZDI-CAN-28257: Zero Day Initiative Vulnerability (Open WebUI)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: Not available.
      - Requires: IPS N-Platform, NX-Platform, or TPS models.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter protects against exploitation of a zero-day vulnerability affecting Open WebUI.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service
      - Release Date: November 04, 2025

    46595: HTTP: Apache Solr Insecure Endpoint Detected
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Security Policy
      - Severity: Moderate
      - Description: This filter detects an attempt to connect to an insecure endpoint in Apache Solr.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Common Vulnerabilities and Exposures: CVE-2023-50291
      - Classification: Security Policy - Other
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: November 04, 2025

    46596: HTTP: Microsoft Windows LNK File _VerifyPathThreadProc NTLM Relay Input Validation Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: High
      - Description: This filter detects an attempt to exploit an information disclosure vulnerability in Microsoft Windows.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2025-59185
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Windows Server Application or Service
      - Release Date: November 04, 2025

    46599: HTTP: Red Hat Openshift AI Potential Fingerprinting Attempt
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Security Policy
      - Severity: Low
      - Description: This filter detects potential fingerprinting activity in Openshift AI.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Common Vulnerabilities and Exposures: CVE-2025-10725
      - Classification: Security Policy - Other
      - Protocol: HTTP
      - Platform: Multi-Platform Client Application
      - Release Date: November 04, 2025

    46600: HTTP: Netgate pfSense Suricata FlowStream policy_name Stored Cross-Site Scripting Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a stored cross-site scripting vulnerability in Netgate pfSense.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Evaluation (Permit / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2025-34177 CVSS 5.8
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: November 04, 2025

    46601: HTTP: Apache ActiveMQ Jolokia Authenticated Arbitrary Code Execution Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: High
      - Description: This filter detects an attempt to exploit an authenticated arbitrary code execution vulnerability in Apache ActiveMQ Jolokia.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Evaluation (Permit / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2022-41678 CVSS 8.8
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: November 04, 2025

    46613: HTTP: Zabbix visiblename Web Controller SQL Injection Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a SQL Injection vulnerability in Zabbix.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2025-27240 CVSS 6.3
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: November 04, 2025

    46614: HTTP: Zabbix visiblename SQL Injection Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a SQL Injection vulnerability in Zabbix.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2025-27240 CVSS 6.3
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service
      - Release Date: November 04, 2025

    46615: HTTP: Microsoft Windows library-ms NTLM Relay Input Validation Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Category: Vulnerabilities
      - Severity: High
      - Description: This filter detects an attempt to exploit an information disclosure vulnerability in Microsoft Windows.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Evaluation (Permit / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2025-59244
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Windows Server Application or Service
      - Release Date: November 04, 2025
   


  Modified Filters (logic changes):
    * = Enabled in Default deployments

    20005: HTTP: D-Link Multiple Devices HNAP Command Injection Vulnerability
      - IPS Version: 3.1.3 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Detection logic updated.
      - Release Date: June 30, 2015
      - Last Modified Date: November 04, 2025

    * 45567: HTTP: Webmin CGI Request Handling CRLF Injection Vulnerability (ZDI-25-282)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Name changed from "45567: HTTP: Webmin CRLF Injection Vulnerability (ZDI-25-282)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Release Date: March 18, 2025
      - Last Modified Date: November 04, 2025



  Modified Filters (metadata changes only):
    * = Enabled in Default deployments

    4560: HTTP: HTTP Request Smuggling
      - IPS Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Vulnerability references updated.
      - Release Date: July 24, 2006
      - Last Modified Date: November 04, 2025

    13855: TCP: XML External Entity (XXE) Usage
      - IPS Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Description updated.
      - Vulnerability references updated.
      - Release Date: April 28, 2014
      - Last Modified Date: November 04, 2025

    35498: TCP: YSoSerial.Net Deserialization Tool Usage
      - IPS Version: 3.6.2 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Vulnerability references updated.
      - Release Date: June 18, 2019
      - Last Modified Date: November 04, 2025

    43190: HTTP: D-Link DIR820LA1_FW105B03 Command Injection Vulnerability
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Miscellaneous modification.
      - Release Date: September 05, 2023
      - Last Modified Date: November 04, 2025

    * 44385: HTTP: Ivanti Endpoint Manager DBDR SQL Injection Vulnerability(ZDI-24-1498,1499,1500,25-937,943,944)
      - IPS Version: 3.9.5 and after.
      - TPS Version: 5.2.2 and after.
      - vTPS Version: 5.2.2 and after.
      - Description updated.
      - Vulnerability references updated.
      - Release Date: June 18, 2024
      - Last Modified Date: November 04, 2025


  Removed Filters: None

Was this article helpful?

Featured

Automation Center

Education Portal

Online Help Center

Service Status

TrendConnect

Digital Vaccine #10081

Digital Vaccine #10081

Product / Version includes:

Summary