← volver
CVE-2023-7102

Remote Code Execution (RCE) Vulnerability

EPSS 43.3%CWE-1104
Use of a Third Party library produced a vulnerability in Barracuda Networks Inc. Barracuda ESG Appliance which allowed Parameter Injection.This issue affected Barracuda ESG Appliance, from 5.1.3.001 through 9.2.1.001, until Barracuda removed the vulnerable logic.
Productos afectados
Barracuda Networks Inc. · Barracuda ESG Appliance

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://github.com/haile01/perl_spreadsheet_excel_rce_pochttps://github.com/jmcnamara/spreadsheet-parseexcel/blob/c7298592e102a375d43150cd002feed806557c15/lib/Spreadsheet/ParseExcel/Utility.pm#L171https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2023/MNDT-2023-0019.mdhttps://metacpan.org/dist/Spreadsheet-ParseExcelhttps://www.barracuda.com/company/legal/esg-vulnerabilityhttps://www.cve.org/CVERecord?id=CVE-2023-7101