It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda Campus Help Center / Reference

BNSEC-01168 unauthenticated, remotely exploitable, HTTP header injection vulnerability in multiple products

  • Type: Knowledgebase
  • Date changed: 2 years ago

Solution #00006864


Fixed in Spam Firewall
Fixed in Web Application Firewall 7.8
Fixed in Message Archiver 3.5
Fixed in Load Balancer 4.2.2

Severity: High


The firmware versions above fix an unauthenticated remote HTTP header injection vulnerability.

To ensure maximum protection Barracuda Networks recommends that all customers upgrade to the latest generally available firmware and enable all definition updates.


Abhinav Karnawat \/ w4rri0r \/,Nathaniel Wakelam,Rafael Pablos,Zakaria Amous

Link to this page: