Rule Update
25-006 (February 11, 2025)
DESCRIPTION
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
MyQ Print Server
1012268 - MyQ Print Server Remote Code Execution Vulnerability (CVE-2024-28059)
Progress WhatsUp Gold
1012237 - Progress WhatsUp Gold SQL Injection Vulnerability (CVE-2024-46905)
Trend Micro Common
1012272 - Trend Micro Multiple Products Path Traversal Vulnerabilities
Web Application PHP Based
1011999* - BoidCMS Command Injection Vulnerability (CVE-2023-38836)
1012021* - Grav CMS Directory Traversal Vulnerability (CVE-2024-27921)
1012073* - LibreNMS Cross-Site Scripting Vulnerability (CVE-2024-32479)
1011993* - LibreNMS SQL Injection Vulnerability (CVE-2023-5591)
1012260 - LibreNMS Stored Cross-Site Scripting Vulnerability (CVE-2024-50352)
1012277 - LibreNMS Stored Cross-Site Scripting Vulnerability (CVE-2024-53457)
1011975* - WordPress 'Backup Migration' Plugin Command Injection Vulnerability (CVE-2023-7002)
1012067* - WordPress 'Forminator' Plugin SQL Injection Vulnerability (CVE-2024-31077)
1012014* - WordPress 'LayerSlider' Plugin SQL Injection Vulnerability (CVE-2024-2879)
1011968* - WordPress 'LearnPress' Plugin SQL Injection Vulnerability (CVE-2023-6567)
1012005* - WordPress 'Popup Builder' Plugin Cross-Site Scripting Vulnerability (CVE-2023-6000)
1012007* - WordPress 'Ultimate Member' Plugin SQL Injection Vulnerability (CVE-2024-1071)
1012045* - WordPress 'WPvivid Backup' Plugin Insecure Deserialization Vulnerability (CVE-2024-3054)
Web Application Tomcat
1012274 - Apache Tomcat Race Condition Vulnerability (CVE-2024-50379 and CVE-2024-56337)
Web Server HTTPS
1012255 - GFI Archiver Telerik Web UI Remote Code Execution Vulnerability (CVE-2024-11948)
1012051* - WordPress Core Cross-Site Scripting Vulnerability (CVE-2024-4439)
Web Server Miscellaneous
1011948* - Ivanti Avalanche Multiple Remote Code Execution Vulnerabilities
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
MyQ Print Server
1012268 - MyQ Print Server Remote Code Execution Vulnerability (CVE-2024-28059)
Progress WhatsUp Gold
1012237 - Progress WhatsUp Gold SQL Injection Vulnerability (CVE-2024-46905)
Trend Micro Common
1012272 - Trend Micro Multiple Products Path Traversal Vulnerabilities
Web Application PHP Based
1011999* - BoidCMS Command Injection Vulnerability (CVE-2023-38836)
1012021* - Grav CMS Directory Traversal Vulnerability (CVE-2024-27921)
1012073* - LibreNMS Cross-Site Scripting Vulnerability (CVE-2024-32479)
1011993* - LibreNMS SQL Injection Vulnerability (CVE-2023-5591)
1012260 - LibreNMS Stored Cross-Site Scripting Vulnerability (CVE-2024-50352)
1012277 - LibreNMS Stored Cross-Site Scripting Vulnerability (CVE-2024-53457)
1011975* - WordPress 'Backup Migration' Plugin Command Injection Vulnerability (CVE-2023-7002)
1012067* - WordPress 'Forminator' Plugin SQL Injection Vulnerability (CVE-2024-31077)
1012014* - WordPress 'LayerSlider' Plugin SQL Injection Vulnerability (CVE-2024-2879)
1011968* - WordPress 'LearnPress' Plugin SQL Injection Vulnerability (CVE-2023-6567)
1012005* - WordPress 'Popup Builder' Plugin Cross-Site Scripting Vulnerability (CVE-2023-6000)
1012007* - WordPress 'Ultimate Member' Plugin SQL Injection Vulnerability (CVE-2024-1071)
1012045* - WordPress 'WPvivid Backup' Plugin Insecure Deserialization Vulnerability (CVE-2024-3054)
Web Application Tomcat
1012274 - Apache Tomcat Race Condition Vulnerability (CVE-2024-50379 and CVE-2024-56337)
Web Server HTTPS
1012255 - GFI Archiver Telerik Web UI Remote Code Execution Vulnerability (CVE-2024-11948)
1012051* - WordPress Core Cross-Site Scripting Vulnerability (CVE-2024-4439)
Web Server Miscellaneous
1011948* - Ivanti Avalanche Multiple Remote Code Execution Vulnerabilities
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.