all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Exploit Released For Barracuda Shell Command Injection Vulnerability

Add to bookmarks
July 6, 2023, 10:34 a.m. | Guru Baran

GBHackers On Security gbhackers.com

The Barracuda Email Security Gateway (ESG) appliance has a remote command injection vulnerability that affects versions 5.1.3.001–9.2.0.006. This vulnerability was identified to be CVE-2023-2868, with a CVSS score of 9.8. It has been actively exploited since October 2022. The flaw stems from a failure to comprehensively sanitize the processing of .tar files (tape archives). Incomplete input […]


The post Exploit Released For Barracuda Shell Command Injection Vulnerability appeared first on GBHackers - Latest Cyber Security News | Hacker News.

actively exploited barracuda command command injection computer security cve cve-2023-2868 cvss cyber security email email security email security gateway esg exploit exploited failure files flaw gateway injection october score security security gateway shell tar vulnerability

Visit resource

More from gbhackers.com / GBHackers On Security

Sticky Werewolf Weaponizing LNK Files Group Attacking To Attack Organizations 1 day, 12 hours ago | gbhackers.com
act archive attachments attack +30
GoldPickaxe iOS Malware Harvests Facial Recognition Data & Bank Accounts 1 day, 12 hours ago | gbhackers.com
accounts android android malware app +25
Muhstik Malware Attacking Apache RocketMQ To Execute Remote Code 2 days, 15 hours ago | gbhackers.com
access apache apache rocketmq aqua +31
Hacktivist Groups Attacking Industrial Control Systems To Disrupt Services 2 days, 15 hours ago | gbhackers.com
attacks can control control systems +33
North Korean Kimsuky Attacking Arms Manufacturer In Europe 2 days, 15 hours ago | gbhackers.com
arms attack attack vector campaign +19
SPECTR Malware Attacking Defense Forces of Ukraine With a batch script 2 days, 16 hours ago | gbhackers.com
batch campaign center cert +22
300+ Times Downloaded Package from PyPI Contains Wiper Components 2 days, 19 hours ago | gbhackers.com
components cyber security cyber-security-course downloader +16
Tenable Acquires Eureka Security To Provide Data Security Across Infrastructure 2 days, 20 hours ago | gbhackers.com
acquisition agreement bolster capabilities +23
Microsoft Details On Using KQL To Hunt For MFA Manipulations 2 days, 21 hours ago | gbhackers.com
accounts attributes audit logs authentication +30

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Senior Security Researcher - Linux MacOS EDR (Cortex)

@ Palo Alto Networks | Tel Aviv-Yafo, Israel
View on infosec-jobs.com

Sr. Manager, NetSec GTM Programs

@ Palo Alto Networks | Santa Clara, CA, United States
View on infosec-jobs.com

SOC Analyst I

@ Fortress Security Risk Management | Cleveland, OH, United States
View on infosec-jobs.com