Solution #00006480
Scope:
Barracuda Web Filter v7.0.0 and earlier
Barracuda Spam and Virus Firewall 6.0.2 and earlier
Severity: Low - High
Description:
Secdef 2.0.20131015 contains fixes for a remotely exploitable command execution vulnerability in the products and versions listed above. Successful exploitation of the vulnerability requires that the attacker convince an authenticated administrative user to upload a file whose name clearly includes the attack value. In practice this vulnerability is not viably exploitable
For maximum protection, Barracuda Networks recommends that all customers ensure that their attack and security definitions are set to On and to upgrade to the latest generally available release of the firmware and security definitions.
Credits:
David Niedermaier
Link to this page:
https://campus.barracuda.com/solution/501600000013a0QAAQ