It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda Campus Help Center / Reference

BNSEC-02048: Remote authenticated command execution in multiple products

  • Type: Knowledgebase
  • Date changed: 2 years ago

Solution #00006480

Scope:

Barracuda Web Filter v7.0.0 and earlier
Barracuda Spam and Virus Firewall 6.0.2 and earlier

Severity: Low - High

Description:

Secdef 2.0.20131015 contains fixes for a remotely exploitable command execution vulnerability in the products and versions listed above. Successful exploitation of the vulnerability requires that the attacker convince an authenticated administrative user to upload a file whose name clearly includes the attack value. In practice this vulnerability is not viably exploitable

For maximum protection, Barracuda Networks recommends that all customers ensure that their attack and security definitions are set to On and to upgrade to the latest generally available release of the firmware and security definitions.

Credits:

David Niedermaier

Link to this page:

https://campus.barracuda.com/solution/501600000013a0QAAQ