Update #3818 - (06/21/2025)

New Signatures

Signature Name	Severity	Description
HTTP:STC:ADOBE:CVE-2025-43573UF	major	This signature detects attempts to exploit a known vulnerability against Adobe Acrobat Reader. A successful attack can lead to arbitrary code execution.
HTTP:CTS:PROGRESS-KEMP-CMD-INJ	major	This signature detects attempts to exploit a known vulnerability against Progress Kemp. A successful attack can lead to command injection and arbitrary code execution.
HTTP:DIR:RUBY-ON-RAIL-RENDER	warning	This signature detects attempts to exploit a known vulnerability against Ruby on Rails Dynamic Render. A successful attack can lead to directory traversal and arbitrary code execution.
HTTP:APACHE:AIRFLOW-API-AUTH-BY	warning	This signature detects attempts to exploit a known vulnerability against Apache Airflow. A successful attack can lead to security bypass.
HTTP:XSS:JETBRAINS-DATA-DIR-XSS	minor	This signature detects attempts to exploit a known cross-site scripting vulnerability against JetBrains TeamCity. It is due to insufficient validation of user-supplied input. Attackers can steal cookie-based authentication credentials and launch other attacks.
HTTP:STC:ADOBE:CVE2025-43550UAF	major	This signature detects attempts to exploit a known vulnerability against Adobe Acrobat Reader. A successful attack can lead to arbitrary code execution.
HTTP:DIR:FORTINET-CNT-RT	major	This signature detects attempts to exploit a known vulnerability against Fortinet FortiWeb. A successful attack can lead to directory traversal and arbitrary code execution.
HTTP:CTS:F5-BIG-IP-CMD-INJ	major	This signature detects attempts to exploit a known vulnerability against F5. A successful attack can lead to command injection and arbitrary code execution.
HTTP:DIR:ALLEGRA-UNZIP-FILEINTO	major	This signature detects attempts to exploit a known vulnerability against Allegra. A successful attack can lead to directory traversal and arbitrary code execution.
HTTP:STC:APPLEOS-MC	major	This signature detects attempts to exploit a known vulnerability against Apple macOS. A successful attack can lead to arbitrary code execution.

Updated Signatures

Signature Name	Severity	Description
HTTP:CTS:CODER-CODE-SER-PROXY	major	This signature detects attempts to exploit a known vulnerability against Coder code-server. A successful attack can lead to access control bypass, spoofing conditions, or the attacker obtaining the victim's session token.
HTTP:STC:DL:GNU-GIMP-DDS-IMG-IO	major	This signature detects attempts to exploit a known vulnerability against GNU Image Manipulation Program. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the user.
HTTP:CTS:IVANTI-WLDCRD-NTLM-RL	major	This signature detects attempts to exploit a known vulnerability against Ivanti. A successful attack can lead to sensitive information disclosure.
HTTP:DOS:DJANGO-FILTER-DOS	major	This signature detects attempts to exploit a known vulnerability against Django. A successful attack can result in a denial-of-service condition.
HTTP:CTS:MS-SHAREPNT-GPA-INJ	major	This signature detects attempts to exploit a known vulnerability against Microsoft SharePoint Server. A successful attack can lead to command injection and arbitrary code execution.
HTTP:CTS:FORTINT-SANDBX-CMD-INJ	major	This signature detects attempts to exploit a known vulnerability against Fortinet. A successful attack can lead to command injection and arbitrary code execution.
HTTP:STC:DELTA-DFAX-STCK-BO	major	This signature detects attempts to exploit a known vulnerability against Delta Electronics CNCSoft-G2 DOPSoft DPAX File. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the Delta Electronics.
HTTP:DIR:IVANTI-ENDPT-EFILE	major	This signature detects attempts to exploit a known vulnerability against Ivanti. A successful attack can lead to directory traversal and arbitrary code execution.
HTTP:XSS:MYBB-VEDITOR-SVG	minor	This signature detects Web pages containing dangerous script . A malicious Web site can exploit a known vulnerability in MyBB visual editor and gain control of the client browser.
HTTP:CTS:IVANTI-AVL-AUTH-BYPASS	major	This signature detects attempts to exploit a known vulnerability against Ivanti Avalanche. A successful attack can lead to sensitive information disclosure.
HTTP:STC:IE:WRITE-WAT-WHERE-UAF	major	This signature detects attempts to exploit a known vulnerability against Microsoft Internet Explorer. A successful attack can lead to arbitrary code execution.
HTTP:STC:IE:SAME-ORI-SEC-BYPASS	major	This signature detects attempts to exploit a known vulnerability in Microsoft Internet Explorer. A successful attack can result in hijack sessions with third-party web sites and could launch further attacks.
HTTP:OVERFLOW:MUL-WEBSERVS-REQ	warning	This signature detects attempts to exploit a known vulnerability in the Multiple Webservers. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the Webserver.
DNS:ISC-BIND-PACKAGE-DOS	major	This signature detects attempts to exploit a known vulnerability against BIND DNS package bind9. A successful exploit can lead to denial of service.