CVE-2023-7102
Remote Code Execution (RCE) Vulnerability
Use of a Third Party library produced a vulnerability in Barracuda Networks Inc. Barracuda ESG Appliance which allowed Parameter Injection.This issue affected Barracuda ESG Appliance, from 5.1.3.001 through 9.2.1.001, until Barracuda removed the vulnerable logic.
Produtos afetados
Barracuda Networks Inc. · Barracuda ESG ApplianceQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
https://github.com/haile01/perl_spreadsheet_excel_rce_pochttps://github.com/jmcnamara/spreadsheet-parseexcel/blob/c7298592e102a375d43150cd002feed806557c15/lib/Spreadsheet/ParseExcel/Utility.pm#L171https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2023/MNDT-2023-0019.mdhttps://metacpan.org/dist/Spreadsheet-ParseExcelhttps://www.barracuda.com/company/legal/esg-vulnerabilityhttps://www.cve.org/CVERecord?id=CVE-2023-7101