Lucene search
K

8 matches found

Packet Storm
Packet Storm
added 2026/03/23 12:0 a.m.113 views

📄 Barracuda ESG TAR Filename Command Injection

This Metasploit module exploits CVE-2023-2868, a command injection vulnerability in Barracuda Email Security Gateway ESG appliances. The vulnerability exists in how the ESG processes TAR file attachments - filenames containing shell metacharacters backticks are passed directly to shell commands...

9.8CVSS7.8AI score0.86956EPSS
Exploits3
ATTACKERKB
ATTACKERKB
added 2023/12/24 10:15 p.m.30 views

CVE-2023-7102

Use of a Third Party library produced a vulnerability in Barracuda Networks Inc. Barracuda ESG Appliance which allowed Parameter Injection.This issue affected Barracuda ESG Appliance, from 5.1.3.001 through 9.2.1.001, until Barracuda removed the vulnerable logic...

9.8CVSS7.5AI score0.43323EPSS
In wildExploits2References8
OSV
OSV
added 2023/12/24 10:15 p.m.4 views

CVE-2023-7102

Use of a Third Party library produced a vulnerability in Barracuda Networks Inc. Barracuda ESG Appliance which allowed Parameter Injection.This issue affected Barracuda ESG Appliance, from 5.1.3.001 through 9.2.1.001, until Barracuda removed the vulnerable logic...

9.8CVSS5.8AI score0.43323EPSS
Exploits2References6
Prion
Prion
added 2023/12/24 10:15 p.m.30 views

Design/Logic Flaw

Use of a Third Party library produced a vulnerability in Barracuda Networks Inc. Barracuda ESG Appliance which allowed Parameter Injection.This issue affected Barracuda ESG Appliance, from 5.1.3.001 through 9.2.1.001, until Barracuda removed the vulnerable logic...

7.5CVSS7.2AI score0.43323EPSS
Exploits2References6Affected Software5
Cvelist
Cvelist
added 2023/12/24 9:47 p.m.31 views

CVE-2023-7102 Remote Code Execution (RCE) Vulnerability

Use of a Third Party library produced a vulnerability in Barracuda Networks Inc. Barracuda ESG Appliance which allowed Parameter Injection.This issue affected Barracuda ESG Appliance, from 5.1.3.001 through 9.2.1.001, until Barracuda removed the vulnerable logic...

9.7AI score0.43323EPSS
Exploits2References6
VulnCheck KEV
VulnCheck KEV
added 2023/12/24 12:0 a.m.6 views

VulnCheck KEV: CVE-2023-7102

Use of a Third Party library produced a vulnerability in Barracuda Networks Inc. Barracuda ESG Appliance which allowed Parameter Injection.This issue affected Barracuda ESG Appliance, from 5.1.3.001 through 9.2.1.001, until Barracuda removed the vulnerable logic...

9.8CVSS7.4AI score0.43323EPSS
Exploits2References1
Krebs on Security
Krebs on Security
added 2023/06/15 3:40 p.m.41 views

CISA Order Highlights Persistent Risk at Network Edge

The U.S. government agency in charge of improving the nations cybersecurity posture is ordering all federal agencies to take new measures to restrict access to Internet-exposed networking equipment. The directive comes amid a surge in attacks targeting previously unknown vulnerabilities in widely...

7.5CVSS9.7AI score0.85689EPSS
Exploits10
CISA
CISA
added 2023/05/26 12:0 p.m.4 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-2868 Barracuda Networks ESG Appliance Improper Input Validation Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber acto...

9.8CVSS7.4AI score0.86956EPSS
In wildExploits3References9
Rows per page
Query Builder